[Samba] Samba+PDC+LDAP+add user script - problem

Markus Schabel markus.schabel at tgm.ac.at
Thu Jul 4 15:38:04 GMT 2002

----- Original Message -----
From: "Markus Schabel" <markus.schabel at tgm.ac.at>
To: <samba at lists.samba.org>
Sent: Wednesday, July 03, 2002 1:57 PM
Subject: [Samba] Samba+PDC+LDAP+add user script - problem

> Hi!
> I've a problem, I'm using samba 2.2.5-1 (debian unstable source), which I
> compiled as the idealx howto explains, and all seems to work fine. Adding
> Computer Accounts with "smbldap-useradd.pl -w <name>" works fine, but when i
> specify
> add user script = /usr/local/sbin/smbldap-useradd.pl -w %
> in the smb.conf, it works fine for the first computer I add automatically. But
> when I add another computer, all is broken. I can't connect to the domain from
> the first and from the second computer.
> What happens, when I add the second computer is, that the password-entries in
> the ldap FOR the second computer are stored in the ldap-entries from the first
> computer (also the cn and displayNames are overwritten), and the
> password-entries in the ldap-entrie from the second computer are also filled,
> but I've no idea where these hashes come from - they simply don't work,
> the working entries are changed in the wrong computer-entry in the ldap.
> But when I run the smbldap-useradd.pl-script as root/administrator (tried
> from the shell all works fine.
> Any ideas where the problem is?
> greetz

What exactly happens is, that the smbldap-useradd.pl script creates the
machine-trust-accounts correctly, but when the client generates the
password-hashes for the PDC, samba inserts these hashes in the wrong LDAP-entry
(based on a wrong rid). Any idea how I can solve this?


More information about the samba mailing list