[Samba] Still having samba join domain problems
Anthony Hess
tonyh at engr.arizona.edu
Tue Aug 9 00:46:07 GMT 2005
So I was having problems getting a machine to join to a samba PDC running on
Solaris 9 using the bundled LDAP server. Ill skip all my previous
troubleshooting steps here (Ive tried just about anything and everything).
Anyway - so I deleted all of the attributes for samba in the directory and
ran the idealx populate script. It seemed to go just fine (the other
scripts seem to work fine too).
When I try to join the domain using the "root" account the Windows XP PC
comes back with "The following error occurred attempting to join the domain
"SUNDEV"; The user name could not be found".
In the smbd log (at level 10) this is all I get:
[2005/08/08 17:27:35, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324)
_samr_create_user: Running the command
`/usr/local/samba/acctscrp/smbldap-useradd t 5 -w "engrpc$"' gave 9
(and that only happens when I try to add an account twice in a row - Ive
seen gave 1 show up before but its not happening now)
It DOES create a posix account in the right ou, just not the samba piece.
Now Im not sure if Im going off way in the wrong direction here, but when I
try to add a machine account (with the posix information still there from
the script) with pdbedit (-a -m) I get:
ldapsam_modify_entry: Failed to modify user dn=
uid=engrpc$,ou=Machines,dc=engr, dc=arizona, dc=edu with: Object class
violation
ldapsam_add_sam_account: failed to modify/add user with uid = engrpc$ (dn =
uid=engrpc$,ou=Machines,dc=engr, dc=arizona, dc=edu)
Unable to add machine! (does it already exist?)
I get the same error even if the posix information isnt already there. Here
is what it gives me in the ldap logs:
[08/Aug/2005:17:41:22 -0700] - Entry "uid=engrpc$,ou=Machines,dc=engr,
dc=arizona, dc=edu" missing attribute "sambaSID" required by object class
"sambaSamAccount"
It does NOT give me this if Im using the scripts.
OK, can anyone even point me in the direction I should be looking? I can
see a sambaSID in ldap or by using the net getlocalsid command.
Thanks,
Tony
More information about the samba
mailing list