[Samba] smbldap-tools unresovled problem.
Chris Ong
chris at md.com.my
Thu Aug 11 15:21:49 GMT 2005
Hi All,
I am current working on Samba + LDAP PDC in RHEL-4.
I some problem when doing the smbldap-useradd -w command.
When I have a WinXP box try to join the PDC,
smbldap-useradd -w "%u" will add a workstation account to the LDAP tree
with all POSIX attribute but without all the SambaSAMAccount attribute.
So, the WinXP box can find it's workstation account and wouldn't join
the account.
After searcing the Samba archive I found a patch that added an extra
if (defined($Options{'w'})) section and will force to add an workstation
account with all SambaSAMAccount attribute.
But, magic happend here. When the first time a machine joining the PDC,
it will eventually failed as the machine still not be able to find it's
workstation account. But immidiately at the second time, it works. And
it has been proven that it behave this way after joing 7 workstation to
the PDC.
Attached files is the patch file. Please advise.
Thaks for all the good comment and help.
--
Regards,
C. K. Ong (Chris) Linux System Engineer,
RHCT Cert No: 603004347692007
http://www.redhat.com/rhce/rhce603004347692007.html
My Directory Sdn. Bhd.
Your Open Source Partner.
http://www.md.com.my http://www.net.my 2005
-----------------------------------------------------------------------
After watching Gentoo in Antartica, I decided to go home with RedHat
on my head.
-----------------------------------------------------------------------
*********************************************
* *POWERED BY BYNARI INSIGHT SERVER* *
* The Enterprise Email Server That Rocks! *
*********************************************
-------------- next part --------------
--- smbldap-useradd 2005-05-31 11:49:26.000000000 +0300
+++ patched 2005-06-06 09:53:50.000000000 +0300
@@ -1,6 +1,6 @@
#!/usr/bin/perl -w
-# $Id: smbldap-useradd,v 1.27 2005/05/27 14:21:00 jtournier Exp $
+# $Id: smbldap-useradd,v 1.26 2005/02/26 11:12:25 jtournier Exp $
#
# This code was developped by IDEALX (http://IDEALX.org/) and
# contributors (their names can be found in the CONTRIBUTORS file).
@@ -164,7 +164,7 @@
my $userGroupSID;
my $userRid;
my $user_sid;
-if (defined $Options{'a'} or defined $Options{'i'}) {
+if (defined $Options{'a'} or defined $Options{'i'} or defined $Options{'w'}) {
# as grouprid we use the value of the sambaSID attribute for
# group of gidNumber=$userGidNumber
$group_entry = read_group_entry_gid($userGidNumber);
@@ -265,6 +265,28 @@
$modify->code && die "failed to add entry: ", $modify->error ;
}
+
+ if (defined($Options{'w'})) {
+ my $date=time;
+ my $modify = $ldap_master->modify ( "uid=$userName,$config{computersdn}",
+ changes => [
+ replace => [objectClass => ['inetOrgPerson', 'posixAccount', 'sambaSAMAccount']],
+ add => [sambaAcctFlags => '[W ]'],
+ add => [sambaSID => "$user_sid"],
+ add => [sambaLogonTime => '0'],
+ add => [sambaLogoffTime => '2147483647'],
+ add => [sambaLMPassword => "kala"],
+ add => [sambaNTPassword => "kala"],
+ add => [sambaKickoffTime => '2147483647'],
+ add => [sambaPwdCanChange => '0'],
+ add => [sambaPwdMustChange => '2147483647'],
+ add => [sambaPwdLastSet => "$date"],
+ add => [sambaPrimaryGroupSID => "$config{SID}-515"]
+ ]
+ );
+
+ $modify->code && die "failed to add entry: ", $modify->error ;
+ }
$ldap_master->unbind;
exit 0;
@@ -311,11 +333,7 @@
system "mkdir $userHomeDirectory 2>/dev/null";
system "cp -a $config{skeletonDir}/.[a-z,A-Z]* $config{skeletonDir}/* $userHomeDirectory 2>/dev/null";
system "chown -R $userUidNumber:$userGidNumber $userHomeDirectory 2>/dev/null";
- if (defined $config{userHomeDirectoryMode}) {
- system "chmod $config{userHomeDirectoryMode} $userHomeDirectory 2>/dev/null";
- } else {
- system "chmod 700 $userHomeDirectory 2>/dev/null";
- }
+ system "chmod 700 $userHomeDirectory 2>/dev/null";
}
}
}
More information about the samba
mailing list