LDAP Problems with PDC functionality

Martin Hofbauer Bacher Systems EDV mh at bacher.at
Tue Dec 22 16:19:14 GMT 1998 

On Tue, 22 Dec 1998, Matthew Chapman wrote:

> > 
> > I am testing the ldap funtionality with the latest cvs code :
> 
> Fantastic! It needs a bit of work yet and I need as many people as
> possible to try it out.
It is always motivating to have such response !

FYI: I am working on solaris 2.7, sparc, with no (!) extra ldap library
Only the new SUNWlldap Package. Compiles and runs without problems

> 
> > 1.) if you modify a User with command "smbpasswd <user>" the "dn:'
> > has always be set to:  "dn: uid=user,o=XX,c=AT",
> > 
> > If the Users "dn" is like: "dn: cn=Peter XXX,o=YYY,c=AT"
> > 
> > it is not working
> 
> OK will fix.
> 
> > 2.) Set a trusted machine account with "smbpasswd -m pc_test" results in
> > modifying  user attributes or something, not workstation attributes
> > to the LDAP Object:
> 
> Can you elaborate? Currently creating a machine account should create a
> fairly normal user, but with a W in acctFlags to indicate a workstation
> trust account. Is this W not being added?
> 
If you look at my original mail,you will see the acctFlags,
It is  "[DU      ]" !!! not  W 

I use following command: "smbpasswd -m pc_test"

Is it possible to change only U to W and try ro run it ?
... It will test it.

... but, that leads me to the question: Is it
possible with the current ldap code to get SAMBA PDC running ?


> > 
> > If you want to join the domain following errors occures:
> > [1998/12/21 23:13:58, 0] passdb/ldap.c:ldap_search_for(99)
> >   search: Protocol error
> 
> Can you try this at debug level 3 or higher please.
> 
> 	Matt
> 

After ( :-) ) this problem report i was gone throw the mailinglist archive
and found out, that there was a big discussion about the ldap schema:

Do you have a current ldap scheme ?

I looked through the source and so this is what I have constructed:

objectclass sambaAccount
            requires
                objectclass
            allows
                ntuid,
                description,
                uidNumber,
                gidNumber,
                rid,
                grouprid,
                lmPassword,
                ntPassword,
                pwdLastSet,
                smbHome,
                homeDrive,
                script,
                profile,
                workstations,
                acctFlags,
                pwdCanChange,
                pwdMustChange,
                logonTime,
                logoffTime,
                kickoffTime

How accurate is that ?



Thankx

Martin Hofbauer

More information about the samba-ntdom mailing list