[Samba] Conflicting RID creation
Thierry Lacoste
lacoste at miage.univ-paris12.fr
Mon Mar 30 19:43:30 GMT 2009
Quoting Thierry Lacoste <lacoste at miage.univ-paris12.fr>:
> With samba 3.0.34 I have the issue described here
> http://webui.sourcelabs.com/samba/issues/5535
> That is "smbpasswd -a joe" gives RID=2*UID+1000
> while "net rpc user add joe" gives the value of the sambaNextRid
> attribute of the sambaDomainName LDAP entry.
>
> Also "smbpasswd -am machine" gives RID=2*UID+1000
> while directly joining the domain gives RID=sambaNextRid
>
> This is a problem because I'm trying to update from 3.0.22
> where sambaNextRid is never used (actually it doesn't even
> exist in my LDAP database).
>
> Is there something I can do to ensure that RID=2*UID+1000 in every case?
> Or else what should I do to avoid conflicts between my current RIDs
> (generated by 3.0.22) and those that will be generated by 3.0.34?
>
I tried 3.2.8 and I have the same problems.
I also found another weirdness.
If I have the following line in my smb.conf
add machine script = /usr/local/sbin/smbldap-useradd -W '%u'
tryng to join the DC to its domain (just for testing purposes)
first gives "Creation of workstation account failed" although
the expected LDAP entry with Posix and Samba attributes was created
for the machine account. The second attempt to join the domain is OK.
I have exactly the same behavior with
add machine script = /bin/sh /root/add-machine.sh '%u'
where add-machine.sh is
/usr/local/sbin/smbldap-useradd -w $1 # create Posix stuff only
/usr/local/bin/smbpasswd -am $1 # add samba attributes
Do I have to simply give up the 'add machine script'
and add my computer accounts by hand before joining them?
Regards,
Thierry
More information about the samba
mailing list