Re: [Samba] error adding a user
First of all which kind of Windows are you using. Usermgr with XP is ok with Windows Vista/7 no chance. To use usrmgr under xp and 2000 you must fit your ldap.conf and your smb.conf and youse smbldap-tools or similar: in your smb.conf there should be something like: add user script = /usr/local/sbin/smbldap-useradd -A 1 -B 1 -m -k /dummy %u to fit the right params for your linux OS you have to try. or ldap.conf, ex : basedc=your,dc=domain nss_base_passwd ou=Users,dc=your,dc=domain?sub nss_base_passwd ou=Computers,dc=your,dc=domain?sub nss_base_shadow ou=Users,dc=your,dc=domain?sub nss_base_group ou=Groups,dc=yourc,dc=domain?one In your slapd.conf , ex: access to attrs=sambaLMPassword by self write by anonymous auth by dn=cn=admin,dc=your,dc=domain write by * none access to attrs=sambaNTPassword by self write by anonymous auth by dn=cn=admin,dc=your,dc=domain write by * none access to attrs=sambaPwdLastSet,sambaPwdMustChange by self write by anonymous auth by dn=cn=admin,dc=your,dc=domain write by * none On Sun, 2 Jan 2011 22:44:20 +0100, Marco Ciampa ciam...@libero.it wrote: On Fri, Dec 31, 2010 at 04:34:05AM +0100, Marco Ciampa wrote: Sorry for (I'm shure) my stupid question (and my bad english)... If this is not the right place to post this kind of question forgive me and please point me to the right mailinglist. I've a Samba 3 that works with an openldap server as a sole domain controller. I used to use the Microsoft usermanager. After a general migration/upgrate I am not able to create new users anymore. I can do it with the smbldap-tools, manually only from the root user but if I do it through the usermanager it gives me an error. A net user add command done with the same adminitrator user give me this error: Failed to add user 'pippo' with: WERR_GENERAL_FAILURE. from the logs: [2010/12/31 04:30:44, 0] passdb/pdb_ldap.c:2197(ldapsam_add_sam_account) ldapsam_add_sam_account: User 'pippo' already in the base, with samba attributes Any hint? Need some other info? I've seen in the Internet many times asked this question so it seems a recurring problem but with generic answers (check all your conf data/permission/so on...) or no answer at all... Maybe it is a generic-catch-all error message a la Windows so it could be fired by a hundred reasons or what? Sorry I am not a Samba nor LDAP expert... you see... -- Marco Ciampa ++ | Linux User #78271 | | FSFE fellow #364 | ++ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] error adding a user
On Mon, Jan 03, 2011 at 09:54:39AM +0100, Daniel Müller wrote: First of all which kind of Windows are you using. Usermgr with XP is ok with Windows Vista/7 no chance. ok I'm using XP... To use usrmgr under xp and 2000 you must fit your ldap.conf and your smb.conf and youse smbldap-tools or similar: in your smb.conf there should be something like: add user script = /usr/local/sbin/smbldap-useradd -A 1 -B 1 -m -k /dummy %u if I use: add user script = smbldap-useradd -a -m %u it gives me the error reported above. If I use: add user script = smbldap-useradd -m %u it works. It seems that Samba creates the samba specific objects to the ldap server directly. If I am no wrong, the option -a to smbldap-useradd should be used only if the script is called from outside samba (as in a user populating script, for example...) Am I write or am I wrong? I understand that these basic concepts are important. I can't do forward without before clarifying this ... :-( to fit the right params for your linux OS you have to try. or ldap.conf, ex : basedc=your,dc=domain nss_base_passwd ou=Users,dc=your,dc=domain?sub nss_base_passwd ou=Computers,dc=your,dc=domain?sub nss_base_shadow ou=Users,dc=your,dc=domain?sub nss_base_group ou=Groups,dc=yourc,dc=domain?one In your slapd.conf , ex: access to attrs=sambaLMPassword by self write by anonymous auth by dn=cn=admin,dc=your,dc=domain write by * none access to attrs=sambaNTPassword by self write by anonymous auth by dn=cn=admin,dc=your,dc=domain write by * none access to attrs=sambaPwdLastSet,sambaPwdMustChange by self write by anonymous auth by dn=cn=admin,dc=your,dc=domain write by * none My slapd.conf is this, for what I understand, it could be right... access to attrs=userPassword,sambaNTPassword,sambaLMPassword by dn=cn=admin,dc=lsgalilei,dc=org write by anonymous auth by self write by * none Ok Next problem: User deleting through usermanager is not able to delete the home directory. Maybe it is this fault: ldap delete dn = yes if Samba delete the ldap object the smbldap-userdel script have no chance to delete an already deleted user... setting ldap delete dn = no seems to cure. Again: am I right or am I totally wrong? Next problem: I can't browse the groups during user creation step in the usermanager or, after creating the user, browse its groups... It seems (looking into samba logs) that it insists to search a group Users instead of Domain Users... mmm where could it be wrong? Ldap or Samba ... tomorrow I will investigate more deeply... Thank you _very much_ for your help and support. Very often happens to me that just the action of trying to expose a problem to someonelse help me a lot clarifying myself... -- Marco Ciampa ++ | Linux User #78271 | | FSFE fellow #364 | ++ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] error adding a user
On Fri, Dec 31, 2010 at 04:34:05AM +0100, Marco Ciampa wrote: Sorry for (I'm shure) my stupid question (and my bad english)... If this is not the right place to post this kind of question forgive me and please point me to the right mailinglist. I've a Samba 3 that works with an openldap server as a sole domain controller. I used to use the Microsoft usermanager. After a general migration/upgrate I am not able to create new users anymore. I can do it with the smbldap-tools, manually only from the root user but if I do it through the usermanager it gives me an error. A net user add command done with the same adminitrator user give me this error: Failed to add user 'pippo' with: WERR_GENERAL_FAILURE. from the logs: [2010/12/31 04:30:44, 0] passdb/pdb_ldap.c:2197(ldapsam_add_sam_account) ldapsam_add_sam_account: User 'pippo' already in the base, with samba attributes Any hint? Need some other info? I've seen in the Internet many times asked this question so it seems a recurring problem but with generic answers (check all your conf data/permission/so on...) or no answer at all... Maybe it is a generic-catch-all error message a la Windows so it could be fired by a hundred reasons or what? Sorry I am not a Samba nor LDAP expert... you see... -- Marco Ciampa ++ | Linux User #78271 | | FSFE fellow #364 | ++ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] error adding a user
On Sun, Jan 2, 2011 at 4:44 PM, Marco Ciampa ciam...@libero.it wrote: On Fri, Dec 31, 2010 at 04:34:05AM +0100, Marco Ciampa wrote: Sorry for (I'm shure) my stupid question (and my bad english)... If this is not the right place to post this kind of question forgive me and please point me to the right mailinglist. I've a Samba 3 that works with an openldap server as a sole domain controller. I used to use the Microsoft usermanager. After a general migration/upgrate I am not able to create new users anymore. I can do it with the smbldap-tools, manually only from the root user but if I do it through the usermanager it gives me an error. A net user add command done with the same adminitrator user give me this error: Failed to add user 'pippo' with: WERR_GENERAL_FAILURE. from the logs: [2010/12/31 04:30:44, 0] passdb/pdb_ldap.c:2197(ldapsam_add_sam_account) ldapsam_add_sam_account: User 'pippo' already in the base, with samba attributes Any hint? Need some other info? I've seen in the Internet many times asked this question so it seems a recurring problem but with generic answers (check all your conf data/permission/so on...) or no answer at all... Maybe it is a generic-catch-all error message a la Windows so it could be fired by a hundred reasons or what? Sorry I am not a Samba nor LDAP expert... you see... I would just add the user in ldap directly. LAM is a good tool to do that and pretty easy to use. http://www.ldap-account-manager.org John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] error adding a user
On Sun, Jan 02, 2011 at 04:48:29PM -0500, John Drescher wrote: I would just add the user in ldap directly. LAM is a good tool to do that and pretty easy to use. http://www.ldap-account-manager.org Yes, I know, you are right but... ...but that question I mailed is because I want to understand what is going on. I do not want just to turn around the problem. I want to understand...I was asking if someone has encountered a similar problem just to have a hint on where start fiddling to understand fix the problem. Sorry for the noise...(returning to study some Samba+LDAP howtos...) -- Marco Ciampa ++ | Linux User #78271 | | FSFE fellow #364 | ++ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] error adding a user
On Sun, Jan 2, 2011 at 5:17 PM, Marco Ciampa ciam...@libero.it wrote: On Sun, Jan 02, 2011 at 04:48:29PM -0500, John Drescher wrote: I would just add the user in ldap directly. LAM is a good tool to do that and pretty easy to use. http://www.ldap-account-manager.org Yes, I know, you are right but... ...but that question I mailed is because I want to understand what is going on. I do not want just to turn around the problem. I want to understand...I was asking if someone has encountered a similar problem just to have a hint on where start fiddling to understand fix the problem. Sorry for the noise...(returning to study some Samba+LDAP howtos...) No you are fine. You should probably post a few details of your setup. samba version, windows version, samba config. More context from the samba log you posted. Possibly an expert can help with this. I myself probably can not help much on this one. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] error adding a user
Sorry for (I'm shure) my stupid question (and my bad english)... If this is not the right place to post this kind of question forgive me and please point me to the right mailinglist. I've a Samba 3 that works with an openldap server as a sole domain controller. I used to use the Microsoft usermanager. After a general migration/upgrate I am not able to create new users anymore. I can do it with the smbldap-tools, manually only from the root user but if I do it through the usermanager it gives me an error. A net user add command done with the same adminitrator user give me this error: Failed to add user 'pippo' with: WERR_GENERAL_FAILURE. from the logs: [2010/12/31 04:30:44, 0] passdb/pdb_ldap.c:2197(ldapsam_add_sam_account) ldapsam_add_sam_account: User 'pippo' already in the base, with samba attributes Any hint? -- Marco Ciampa ++ | Linux User #78271 | | FSFE fellow #364 | ++ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba