[Samba] Ldapscripts v1.0 !

Ganael Laplanche ganael.laplanche at martymac.com
Tue Feb 8 18:48:29 GMT 2005


Hi Jochen,

You must use the root account (or any account with an UID=0) on the client side
to join a machine to the domain...

The log of the ldapscripts are right : the POSIX account must has been created
on the LDAP directory (you can check it by searching the accounts on the LDAP
directory) BUT samba could not add its piece of info (LDAP attributes) on the
LDAP...

Sincerely,

Ganaël LAPLANCHE
ganael.laplanche at martymac.com
http://www.martymac.com
Tel : (+33)6.84.03.57.24.

---------- Original Message -----------
From: Jochen Witte <devnull at alpha-lab.net>
To: Ganael Laplanche <ganael.laplanche at martymac.com>
Cc: samba at lists.samba.org, samba-technical at lists.samba.org
Sent: Tue, 08 Feb 2005 18:17:37 +0100
Subject: Re: [Samba] Ldapscripts v1.0 !

> Hi
> 
> I just tried out YOur scripts on a brand new installation. Very cool
> but:
> 
> ldapscripts.log:
> ----------------
> >> 02/08/05 - 06:09:01  : Command : /usr/local/bin/ldapaddmachine
> Successfully added machine philippines$ to LDAP
> 
> samba-log:
> ----------
> [2005/02/08 18:09:01, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:02, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:03, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:04, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:05, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:06, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:07, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:08, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:09, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:10, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:11, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:12, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:13, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:14, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:15, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:16, 0] lib/smbldap.c:smbldap_open(881)
>   smbldap_open: cannot access LDAP when not root..
> [2005/02/08 18:09:16, 0] lib/smbldap.c:smbldap_search_suffix(1169)
>   smbldap_search_suffix: Problem during the LDAP search: (unknown)
> (Timed out)
> [2005/02/08 18:09:16, 0] rpc_server/srv_samr_nt.c:_samr_create_user
> (2398)
>   could not add user/computer philippines$ to passdb.  Check
> permissions?
> 
> => I am not able to add a machine account. Any hints?
> 
> /Jochen
> 
> Am Dienstag, den 08.02.2005, 15:27 +0000 schrieb Ganael Laplanche: 
> > Hi all,
> > 
> > I've been working on shell scripts that allow to manage ldap accounts (users,
> > groups, machines). They are similar to the smbldap-tools but do not need PERL to
> > work (and so on...) and are *very* simple to configure - they may be a good
> > alternative. The only tools you need are standard ldap client commands (ldapadd,
> > ldapdelete, ldapmodify, ldapsearch).
> > 
> > The scripts can be used as standalone commands or within Samba configuration :
> > 
> > add machine script = /usr/local/bin/ldapaddmachine '%u' sambamachines
> > add user script = /usr/local/bin/ldapadduser '%u' sambausers
> > add group script = /usr/local/bin/ldapaddgroup '%g'
> > add user to group script = /usr/local/bin/ldapaddusertogroup '%u' '%g'
> > delete user script = /usr/local/bin/ldapdeleteuser '%u'
> > delete group script = /usr/local/bin/ldapdeletegroup '%g'
> > delete user from group script = /usr/local/bin/ldapdeleteuserfromgroup '%u' '%g'
> > set primary group script = /usr/local/bin/ldapsetprimarygroup '%u' '%g'
> > 
> > (see README file for more details)
> > 
> > For those who want to give a try, you can find the tarball of ldapscripts v1.0
> > here :
> > 
> > http://contribs.martymac.com
> > http://linagora.org/article108.html
> > 
> > Just extract the tarball and type in "./install" as root...
> > 
> > These scripts are in early version, so feel free to send bug reports and any
> > feedback !
> > 
> > Ganael LAPLANCHE - http://www.martymac.com
> > ganael.laplanche at martymac.com
> > ganael.laplanche at linagora.org
> > 
> -- 
> Jochen Witte <devnull at alpha-lab.net>
------- End of Original Message -------



More information about the samba-technical mailing list