group-scripts and machine-accounts

Ingo Steuwer steuwer at univention.de
Mon Oct 18 13:54:13 GMT 2004


Am Fr, den 01.10.2004 schrieb Igor Belyi um 18:03:
> Ingo Steuwer wrote:
> > we are using "set primary group script" and "delete user from group
> > script" in our smb.conf. Both are working fine with user-accounts but
> > get inconsistent options if we are changing machine-accounts. 
> > 
> > The "set primary group script" is called with machinename$, but "delete
> > user from group script" ist called with machinename_ (underscore instead
> > of $). Is this the preferred way or is it by mistake ?
> > 
> > Samba is version 3.0.7 with Patches for ldap-backend and quota-support
> > from samba 3.0.8.
> 
> Can you provide 'log level = 5' Samba log showing the problem?
> 
> Thanks,
> Igor

Sorry, it took me a really long time to answer. Attached you will find
two snipplets, one which creates a Host XPCLIENT$ andset its primary
group and a second one which tries to change the Clients Membership in
the Group "Domain Users" (XPCLIENT$ is not member of this group). Both
were created during a "vampire"-run.

Any questions are welcome.

Ingo Steuwer

[2004/10/18 17:17:55, 5] lib/username.c:Get_Pwnam(293)
  Finding user XPCLIENT$
[2004/10/18 17:17:55, 5] lib/username.c:Get_Pwnam_internals(223)
  Trying _Get_Pwnam(), username as lowercase is xpclient$
[2004/10/18 17:17:55, 5] lib/username.c:Get_Pwnam_internals(230)
  Trying _Get_Pwnam(), username as given is XPCLIENT$
[2004/10/18 17:17:55, 5] lib/username.c:Get_Pwnam_internals(247)
  Checking combinations of 0 uppercase letters in xpclient$
[2004/10/18 17:17:55, 5] lib/username.c:Get_Pwnam_internals(251)
  Get_Pwnam_internals didn't find user [XPCLIENT$]!
UNIVENTION Adding machine XPCLIENT
[2004/10/18 17:17:57, 1] utils/net_rpc_samsync.c:fetch_account_info(434)
  fetch_account: Running the command `/usr/sbin/univention-addmachine
"XPCLIENT$"' gave 0
[2004/10/18 17:17:57, 5] lib/username.c:Get_Pwnam(293)
  Finding user XPCLIENT$
[2004/10/18 17:17:57, 5] lib/username.c:Get_Pwnam_internals(223)
  Trying _Get_Pwnam(), username as lowercase is xpclient$
[2004/10/18 17:17:57, 5] lib/username.c:Get_Pwnam_internals(251)
  Get_Pwnam_internals did find user [XPCLIENT$]!
[2004/10/18 17:17:57, 3] utils/net_rpc_samsync.c:fetch_account_info(454)
  Attempting to find SID S-1-5-21-639708469-69564260-2107244640-1031 for
user XPCLIENT$ in the passdb
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_search(1018)
  smbldap_search: base => [dc=minds,dc=univention,dc=de], filter =>
[(&(sambaSID=S-1-5-21-639708469-69564260-2107244640-1031)(objectclass=sa
mbaSamAccount))], scope => [2]
[2004/10/18 17:17:57, 4] passdb/pdb_ldap.c:ldapsam_getsampwsid(1379)
  ldapsam_getsampwsid: Unable to locate SID
[S-1-5-21-639708469-69564260-2107244640-1031] count=0
[2004/10/18 17:17:57, 3] utils/net_rpc_samsync.c:fetch_account_info(458)
  Attempting to add user SID S-1-5-21-639708469-69564260-2107244640-1031
for user XPCLIENT$ in the passdb
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_search(1018)
  smbldap_search: base => [dc=minds,dc=univention,dc=de], filter =>
[(&(uid=XPCLIENT$)(objectclass=sambaSamAccount))], scope => [2]
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_search(1018)
  smbldap_search: base => [dc=minds,dc=univention,dc=de], filter =>
[(&(sambaSID=S-1-5-21-639708469-69564260-2107244640-1031)(objectclass=sa
mbaSamAccount))], scope => [2]
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_search(1018)
  smbldap_search: base => [dc=minds,dc=univention,dc=de], filter =>
[(uid=XPCLIENT$)], scope => [2]
[2004/10/18 17:17:57, 3] passdb/pdb_ldap.c:ldapsam_add_sam_account(1765)
  ldapsam_add_sam_account: User exists without samba attributes: adding
them
[2004/10/18 17:17:57, 2] passdb/pdb_ldap.c:init_ldap_from_sam(890)
  init_ldap_from_sam: Setting entry for user: XPCLIENT$
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_modify(1064)
  smbldap_modify: dn =>
[cn=XPCLIENT,cn=computers,dc=minds,dc=univention,dc=de]
[2004/10/18 17:17:57, 2] passdb/pdb_ldap.c:ldapsam_add_sam_account(1875)
  ldapsam_add_sam_account: added: uid == XPCLIENT$ in the LDAP database
[2004/10/18 17:17:57, 5] lib/smbldap.c:smbldap_search(1018)
  smbldap_search: base => [dc=minds,dc=univention,dc=de], filter =>
[(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-639708469-69564260-
2107244640-513))], scope => [2]
[2004/10/18 17:17:57, 2] passdb/pdb_ldap.c:init_group_from_ldap(1933)
  init_group_from_ldap: Entry found for group: 5001
UNIVENTION Set primary group Domain Users for user XPCLIENT$
[2004/10/18 17:17:59, 3] groupdb/mapping.c:smb_set_primary_group(1189)
  smb_set_primary_group: Running the command
`/usr/sbin/univention-setprimarygroup "XPCLIENT$" "Domain Users"' gave 0




[2004/10/18 17:18:31, 3] groupdb/mapping.c:smb_delete_user_group(1251)
  smb_delete_user_group: Running the command
`/usr/sbin/univention-deluser "XPCLIENT_" "Domain Users"' gave 1
UNIVENTION Removing user PALME_ from group Domain Users
ERROR: account not found, nothing modified



-- 
Ingo Steuwer       steuwer at univention.de         fon: +49 421 22 232- 0
Entwicklung        Linux for Your Business       
Univention GmbH    http://www.univention.de/     fax: +49 421 22 232-99



More information about the samba-technical mailing list