[Samba] LDAP adding workstation accounts fails (but not really???)
Pat Riehecky
prieheck at iwu.edu
Wed Feb 20 17:53:49 GMT 2008

This is highly weird. I am trying to set up LDAP as the backend for my
Samba test system. All is going well, except for adding workstation
accounts to the server.

# net rpc join -S TESTING -U root%password
Creation of workstation account failed
Unable to join domain IWU.EDU.

Yet, if I search LDAP after the join attempt I find:

dn: uid=testing$,ou=Computers,dc=iwu,dc=edu
objectClass: top
objectClass: account
objectClass: posixAccount
cn: testing$
uid: testing$
uidNumber: 1001
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer

My LDAP logs show it is searching ou=People rather than ou=Computers to
see if it was added successfully. What must I do to make it search
ou=Computers?

testparm reports the following in my smb.conf global section and reports
no errors.

[global]
workgroup = TESTING
netbios name = TESTING
server string = %h server
security = DOMAIN
passdb backend = ldapsam:ldap://localhost
log level = 2
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
load printers = No
add machine script = smbldap-useradd -w -s /bin/false "%u"
domain logons = Yes
preferred master = Yes
domain master = Yes
dns proxy = No
ldap admin dn = cn=admin
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=iwu,dc=edu
ldap ssl = no
ldap user suffix = ou=People
panic action = /usr/share/samba/panic-action %d
idmap uid = 15000-25000
idmap gid = 15000-25000