group-scripts and machine-accounts
Ingo Steuwer
steuwer at univention.de
Mon Oct 18 13:54:13 GMT 2004
Am Fr, den 01.10.2004 schrieb Igor Belyi um 18:03:
> Ingo Steuwer wrote:
> > we are using "set primary group script" and "delete user from group
> > script" in our smb.conf. Both are working fine with user-accounts but
> > get inconsistent options if we are changing machine-accounts.
> >
> > The "set primary group script" is called with machinename$, but "delete
> > user from group script" ist called with machinename_ (underscore instead
> > of $). Is this the preferred way or is it by mistake ?
> >
> > Samba is version 3.0.7 with Patches for ldap-backend and quota-support
> > from samba 3.0.8.
>
> Can you provide 'log level = 5' Samba log showing the problem?
>
> Thanks,
> Igor
Sorry, it took me a really long time to answer. Attached you will find
two snipplets, one which creates a Host XPCLIENT$ andset its primary
group and a second one which tries to change the Clients Membership in
the Group "Domain Users" (XPCLIENT$ is not member of this group). Both
were created during a "vampire"-run.
Any questions are welcome.
Ingo Steuwer
[2004/10/18 17:17:55, 5] lib/username.c:Get_Pwnam(293)
Finding user XPCLIENT$
[2004/10/18 17:17:55, 5] lib/username.c:Get_Pwnam_internals(223)
Trying _Get_Pwnam(), username as lowercase is xpclient$
[2004/10/18 17:17:55, 5] lib/username.c:Get_Pwnam_internals(230)
Trying _Get_Pwnam(), username as given is XPCLIENT$
[2004/10/18 17:17:55, 5] lib/username.c:Get_Pwnam_internals(247)
Checking combinations of 0 uppercase letters in xpclient$
[2004/10/18 17:17:55, 5] lib/username.c:Get_Pwnam_internals(251)
Get_Pwnam_internals didn't find user [XPCLIENT$]!
UNIVENTION Adding machine XPCLIENT
[2004/10/18 17:17:57, 1] utils/net_rpc_samsync.c:fetch_account_info(434)
fetch_account: Running the command `/usr/sbin/univention-addmachine
"XPCLIENT$"' gave 0
[2004/10/18 17:17:57, 5] lib/username.c:Get_Pwnam(293)
Finding user XPCLIENT$
[2004/10/18 17:17:57, 5] lib/username.c:Get_Pwnam_internals(223)
Trying _Get_Pwnam(), username as lowercase is xpclient$
[2004/10/18 17:17:57, 5] lib/username.c:Get_Pwnam_internals(251)
Get_Pwnam_internals did find user [XPCLIENT$]!
[2004/10/18 17:17:57, 3] utils/net_rpc_samsync.c:fetch_account_info(454)
Attempting to find SID S-1-5-21-639708469-69564260-2107244640-1031 for
user XPCLIENT$ in the passdb
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_search(1018)
smbldap_search: base => [dc=minds,dc=univention,dc=de], filter =>
[(&(sambaSID=S-1-5-21-639708469-69564260-2107244640-1031)(objectclass=sa
mbaSamAccount))], scope => [2]
[2004/10/18 17:17:57, 4] passdb/pdb_ldap.c:ldapsam_getsampwsid(1379)
ldapsam_getsampwsid: Unable to locate SID
[S-1-5-21-639708469-69564260-2107244640-1031] count=0
[2004/10/18 17:17:57, 3] utils/net_rpc_samsync.c:fetch_account_info(458)
Attempting to add user SID S-1-5-21-639708469-69564260-2107244640-1031
for user XPCLIENT$ in the passdb
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_search(1018)
smbldap_search: base => [dc=minds,dc=univention,dc=de], filter =>
[(&(uid=XPCLIENT$)(objectclass=sambaSamAccount))], scope => [2]
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_search(1018)
smbldap_search: base => [dc=minds,dc=univention,dc=de], filter =>
[(&(sambaSID=S-1-5-21-639708469-69564260-2107244640-1031)(objectclass=sa
mbaSamAccount))], scope => [2]
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_search(1018)
smbldap_search: base => [dc=minds,dc=univention,dc=de], filter =>
[(uid=XPCLIENT$)], scope => [2]
[2004/10/18 17:17:57, 3] passdb/pdb_ldap.c:ldapsam_add_sam_account(1765)
ldapsam_add_sam_account: User exists without samba attributes: adding
them
[2004/10/18 17:17:57, 2] passdb/pdb_ldap.c:init_ldap_from_sam(890)
init_ldap_from_sam: Setting entry for user: XPCLIENT$
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_modify(1064)
smbldap_modify: dn =>
[cn=XPCLIENT,cn=computers,dc=minds,dc=univention,dc=de]
[2004/10/18 17:17:57, 2] passdb/pdb_ldap.c:ldapsam_add_sam_account(1875)
ldapsam_add_sam_account: added: uid == XPCLIENT$ in the LDAP database
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_search(1018)
smbldap_search: base => [dc=minds,dc=univention,dc=de], filter =>
[(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-639708469-69564260-
2107244640-513))], scope => [2]
[2004/10/18 17:17:57, 2] passdb/pdb_ldap.c:init_group_from_ldap(1933)
init_group_from_ldap: Entry found for group: 5001
UNIVENTION Set primary group Domain Users for user XPCLIENT$
[2004/10/18 17:17:59, 3] groupdb/mapping.c:smb_set_primary_group(1189)
smb_set_primary_group: Running the command
`/usr/sbin/univention-setprimarygroup "XPCLIENT$" "Domain Users"' gave 0
[2004/10/18 17:18:31, 3] groupdb/mapping.c:smb_delete_user_group(1251)
smb_delete_user_group: Running the command
`/usr/sbin/univention-deluser "XPCLIENT_" "Domain Users"' gave 1
UNIVENTION Removing user PALME_ from group Domain Users
ERROR: account not found, nothing modified
--
Ingo Steuwer steuwer at univention.de fon: +49 421 22 232- 0
Entwicklung Linux for Your Business
Univention GmbH http://www.univention.de/ fax: +49 421 22 232-99
More information about the samba-technical
mailing list