[Samba] Re: [expert] Brainstorm - add user script in Samba-LDAP

Jim C jcllings at tsunamicomm.net
Fri Feb 21 18:32:12 GMT 2003


 >>add user script = /usr/share/samba/scripts/smbldap-useradd.pl -w -d
 >>/dev/null -g Machines -s /bin/false %u

Yes.  The Machines group does exist, as does adm and Administrators as 
specified in /etc/smb.conf seen here:

 >>domain admin group = root Administrator @adm @Administrators @wheel

wheel does not actually exist and both users in the system belong to 
adm.  I have the groups and users mentioned in the LDAP database with, of 
course, the exception of root.  What I keep getting when I try to add a 
machine is "Access denied" on the Windoz side and this is what shows up 
in /var/log/messages:

> Feb 21 10:15:36 enigma smbd[13731]: [2003/02/21 10:15:36, 0] passdb/pdb_ldap.c:ldap_connect_system(344) 
> Feb 21 10:15:36 enigma smbd[13731]:   ldap_connect_system: Binding to ldap server as "cn=root,dc=microverse,dc=net" 
> Feb 21 10:15:37 enigma smbd[13731]: [2003/02/21 10:15:37, 0] passdb/pdb_ldap.c:ldap_connect_system(344) 
> Feb 21 10:15:37 enigma smbd[13731]:   ldap_connect_system: Binding to ldap server as "cn=root,dc=microverse,dc=net" 
> Feb 21 10:15:37 enigma smbd[13731]: [2003/02/21 10:15:37, 0] passdb/pdb_ldap.c:pdb_getsampwnam(970) 
> Feb 21 10:15:37 enigma smbd[13731]:   LDAP search "(&(uid=spartack_)(objectclass=sambaAccount))" returned 0 entries. 
> Feb 21 10:15:37 enigma smbd[13731]: [2003/02/21 10:15:37, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176) 
> Feb 21 10:15:37 enigma smbd[13731]:   get_md4pw: Workstation spartack$: no account in domain 
> Feb 21 10:15:38 enigma smbd[13732]: [2003/02/21 10:15:38, 0] passdb/pdb_ldap.c:ldap_connect_system(344) 
> Feb 21 10:15:38 enigma smbd[13732]:   ldap_connect_system: Binding to ldap server as "cn=root,dc=microverse,dc=net" 
> Feb 21 10:15:39 enigma smbd[13732]: [2003/02/21 10:15:39, 0] passdb/pdb_ldap.c:ldap_connect_system(344) 
> Feb 21 10:15:39 enigma smbd[13732]:   ldap_connect_system: Binding to ldap server as "cn=root,dc=microverse,dc=net" 
> Feb 21 10:15:39 enigma smbd[13732]: [2003/02/21 10:15:39, 0] passdb/pdb_ldap.c:pdb_getsampwnam(970) 
> Feb 21 10:15:39 enigma smbd[13732]:   LDAP search "(&(uid=spartack_)(objectclass=sambaAccount))" returned 0 entries. 
> Feb 21 10:15:39 enigma smbd[13732]: [2003/02/21 10:15:39, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(1929) 
> Feb 21 10:15:39 enigma smbd[13732]:   User spartack$ does not exist in system password file (usually /etc/passwd). Cannot add account without a valid local system user. 

The second to the last line above is the important one I think but I am 
not quite certain what it is telling me.
This line:
rpc_server/srv_samr_nt.c:_api_samr_create_user(1929)
doesn't, in my mind, indicate failure and the next line simply says that 
the user wasn't found.  I know it wasn't added because it does not show 
up in the db.

Plain and simple, these messages don't help much and I don't know what 
the other log levels are.  I've tried bumping the log level up to 4 and 
then 5 and then on to 6 but it doesn't seem to change anything.

Lastly, someone mentioned the possibility that there might be something 
going on in my non-interactive shell environment.  It would help a great 
deal if I had a better idea of what the environment Samba executes the 
script in is.  I do know that, of .bash_profile and .bashrc, one of 
them is for interactive environments and the other for non-interactive; 
however, for all I know there might be something radically different 
about the environment that Samba uses.

Someone also earlier mentioned that there might be something wrong with 
the linking of my Perl libraries in that non-interactive environment.  I 
wonder if this could be fixed by re-installing them?



Jim C.
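
One way to see the environment an add user script actually receives from smbd, as an added example that is not part of the original post or of Samba: a wrapper that records the identity, working directory, environment, output and exit status of the real script. The names `log_and_run`, `LOG_FILE`, `REAL_CMD` and the default log path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical wrapper): record what smbd hands to the
# "add user script", run the real script, and pass its exit status back.

# Assumed locations; override through the environment if they differ.
LOG_FILE="${LOG_FILE:-/var/log/samba/adduser-wrapper.log}"
REAL_CMD="${REAL_CMD:-/usr/share/samba/scripts/smbldap-useradd.pl}"

log_and_run() {
    # The environment may hold sensitive values: create the log owner-only,
    # in a subshell so the real script's umask is left untouched.
    ( umask 077; : >>"$LOG_FILE" )
    {
        echo "=== $(date '+%Y-%m-%d %H:%M:%S') pid=$$ ==="
        echo "id:   $(id)"
        echo "cwd:  $(pwd)"
        echo "argc: $#"
        echo "cmd:  $REAL_CMD $*"
        echo "--- environment ---"
        env | sort
        echo "--- output of real script ---"
    } >>"$LOG_FILE" 2>&1

    # "$@" keeps every argument as a single word, including the
    # client-supplied name that smb.conf substitutes for %u.
    rc=0
    "$REAL_CMD" "$@" >>"$LOG_FILE" 2>&1 || rc=$?
    echo "--- exit status: $rc ---" >>"$LOG_FILE"
    return "$rc"
}

# Run only when called with arguments, as smbd would call it.
if [ "$#" -gt 0 ]; then
    log_and_run "$@"
    exit $?
fi
```

To use it, point `add user script` at the wrapper in place of smbldap-useradd.pl and keep the rest of the line (`-w -d /dev/null -g Machines -s /bin/false %u`) unchanged; a missing Perl library path or a short PATH then shows up in the log next to the script's own error output.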