[Samba] Re: [expert] Brainstorm - add user script in Samba-LDAP
Jim C
jcllings at tsunamicomm.net
Fri Feb 21 18:32:12 GMT 2003
>>add user script = /usr/share/samba/scripts/smbldap-useradd.pl -w -d
>>/dev/null -g Machines -s /bin/false %u
Yes. The Manchines group does exist, as does adm and Administrators as
specified in /etc/smb.conf seen here:
>>domain admin group = root Administrator @adm @Administrators @wheel
wheel does not actually exist and both users in the system belong to
adm. I have the groups and users mentioned in the LDAP database with of
course, the exception of root. What I keep getting when I try to add a
machine is "Access denied" on the Windoz side and this is what shows up
in /var/log/messages:
> Feb 21 10:15:36 enigma smbd[13731]: [2003/02/21 10:15:36, 0] passdb/pdb_ldap.c:ldap_connect_system(344)
> Feb 21 10:15:36 enigma smbd[13731]: ldap_connect_system: Binding to ldap server as "cn=root,dc=microverse,dc=net"
> Feb 21 10:15:37 enigma smbd[13731]: [2003/02/21 10:15:37, 0] passdb/pdb_ldap.c:ldap_connect_system(344)
> Feb 21 10:15:37 enigma smbd[13731]: ldap_connect_system: Binding to ldap server as "cn=root,dc=microverse,dc=net"
> Feb 21 10:15:37 enigma smbd[13731]: [2003/02/21 10:15:37, 0] passdb/pdb_ldap.c:pdb_getsampwnam(970)
> Feb 21 10:15:37 enigma smbd[13731]: LDAP search "(&(uid=spartack_)(objectclass=sambaAccount))" returned 0 entries.
> Feb 21 10:15:37 enigma smbd[13731]: [2003/02/21 10:15:37, 0] rpc_server/srv_netlog_nt.c:get_md4pw(176)
> Feb 21 10:15:37 enigma smbd[13731]: get_md4pw: Workstation spartack$: no account in domain
> Feb 21 10:15:38 enigma smbd[13732]: [2003/02/21 10:15:38, 0] passdb/pdb_ldap.c:ldap_connect_system(344)
> Feb 21 10:15:38 enigma smbd[13732]: ldap_connect_system: Binding to ldap server as "cn=root,dc=microverse,dc=net"
> Feb 21 10:15:39 enigma smbd[13732]: [2003/02/21 10:15:39, 0] passdb/pdb_ldap.c:ldap_connect_system(344)
> Feb 21 10:15:39 enigma smbd[13732]: ldap_connect_system: Binding to ldap server as "cn=root,dc=microverse,dc=net"
> Feb 21 10:15:39 enigma smbd[13732]: [2003/02/21 10:15:39, 0] passdb/pdb_ldap.c:pdb_getsampwnam(970)
> Feb 21 10:15:39 enigma smbd[13732]: LDAP search "(&(uid=spartack_)(objectclass=sambaAccount))" returned 0 entries.
> Feb 21 10:15:39 enigma smbd[13732]: [2003/02/21 10:15:39, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(1929)
> Feb 21 10:15:39 enigma smbd[13732]: User spartack$ does not exist in system password file (usually /etc/passwd). Cannot add account without a valid local system user.
The second to the last line above is the important one I think but I am
not quite certain what it is telling me.
This line:
rpc_server/srv_samr_nt.c:_api_samr_create_user(1929)
doesn't, in my mind, indicate failure and the next line simply says that
the user wasn't found. I know it wasn't added because it does not show
up in the db.
Plain and simple, these messages don't help much and I don't know what
the other log levels are. I've tried bumping the log level up to 4 and
then 5 and then on to 6 but it doesn't seem to change anything.
Lastly, someone mentioned the possibility that there might be something
going on in my non-interactive shell environment. It would help a great
deal if I had a better idea of what the environment Samba executes the
script in is. I do know that of .bash_profile and .bashrc that one of
them is for interactive environments and the other for non-interactive
however, for all I know there might be something radically different
about the environment that samba uses.
Someone also earlier mentioned that there might be something wrong with
the linking of my Perl libraries in that non-interactive environment. I
wonder if this could be fixed by re-installing them?
Jim C.
More information about the samba
mailing list