createuser and samedit problems

Adam Read read_a at univerahealthcare.org
Wed Nov 15 21:16:16 GMT 2000


I can see all of the users from within samedit, but it fails on adding the
machine to the domain.  Winbind complains that it cannot find a file, but then
sees the domain correctly(debug @ 3).  I am a little confused as to what I
should modify in the /etc/pam.d/ directory also.  I will grab a copy of Redhat
6.2 to mirror your setup and maybe I can get this darn thing to work.
Thanks,
Adam
>>> chuckg at lexmark.com 11/15 3:57 PM >>>
I have made this work on both RH 6.1 and 6.2 ( I have not tried 7.0 yet due to
the problems with GCC 2.96, but I too digress...).  Most of the information
was
gleaned (if I remember correctly) from
http://www.kneschke.de/projekte/samba_tng/index.php3 and various links off of
this one, or tracing through the code (very interesting!!!).  What I was
looking
for was a way to authenticate to an NT  Domain using PAM from a program I was
writing , which I was able to do using samba-appliance (which, as you know is
a
mix of TNG and Samba HEAD) and more specifically the winbindd daemon.

Now to your problem, not knowing the error messages you are receiving I'm not
sure if I can help other than to mention that you can add the following lines
in
the SMB.CONF file to get more information in your log files "debuglevel=x" and
"loglevel=x", I have used as high as 100 (this creates mb of data in the log
files!!!) when I really wanted to see what was going on but I normally set
this
to 3 (this is the basic debug level if you ask me..)  Logs are located in
/usr/local/samba/var, one for each daemon running (i.e. log.smbd and
log.winbindd). This may give you enough information to determine what is wrong
with the password (I'm assuming the machine password), although this is set to
a
known value at first to join the domain.  The other thing that you can do is
that when you are at the  "samedit " prompt is to list the domain users (I
forget the command name, just type "h" to get the list of commands) to see if
you get the correct information back (i.e. a list of users defined to the
domain).

Hope this helps, let me know what you find.  Regards,

Chuck Grieshaber
chuckg at lexmark.com 




read_a%univerahealthcare.org at interlock.lexmark.com on 11/15/2000 02:21:04 PM

To:   samba-ntdom%us5.samba.org at interlock.lexmark.com 
cc:    (bcc: Chuck Grieshaber/Lex/Lexmark)
Subject:  Re: createuser and samedit problems



Now it finds the server(added it to the hosts file), though it should have
found
it via DNS, but I digress.  It seems to create the account, but not fully, and
then itsays it fails.  In NT server manager, it lists the account, but I
cannot
view any properties on it due to incorrect password?  I have moved to try and
get this to work on Red Hat7(guiness), so amy comments are appreciated.  What
OS, etc are you running that you got it to work, and BTW, where did you get
the
information?
Thanks,
Adam

>>> chuckg at lexmark.com 11/14 1:29 PM >>>
Make sure you have updated the smb.conf file in /usr/local/samba/lib with your
domain name and name of the PDC for that domain.  Also be sure that your box
that Samba is installed on can reach the PDC defined in the config file via
DNS
or /etc/hosts.  Also you will need to create the directory
/usr/local/samba/private before you run the createuser command (where the
password database will exist).  Be sure to have the administrator id and
password for the domain you are joining then use the commands: "samedit -S
pdcname -W domainname -U adminuseridonpdc" then  "createuser linixboxname$ -j
domainname -L".  You should get a message to the effect "Welcome linixboxname$
to domain domainname".  Hope this helps (it did work for me in this way...)
Regards,


Chuck Grieshaber
chuckg at lexmark.com 



read_a%univerahealthcare.org at interlock.lexmark.com on 11/14/2000 11:33:13 AM

To:   samba-ntdom%us5.samba.org at interlock.lexmark.com 
cc:    (bcc: Chuck Grieshaber/Lex/Lexmark)
Subject:  createuser and samedit problems



I am installing the newest build of the appliance and trying to get the samba
box to authenticate to the PDC(NT box).  Everything seems to install OK, but
when I go to add the machine using createuser within samedit , i get:
could not locate server for domain MYDOMAIN

Does anyone have a man page or some documentation as to what the command line
options for createuser mean.  There is nothing I can find that helps.  I also
need to get winbindd working, but that depends on this.  Do I just use
smbpasswd
to add it after adding it from server manager?

Many thanks from a desperate man,
Adam












More information about the samba-ntdom mailing list