[Samba] smbpasswd -a -m machine fails: "Failed to modify password
entry"
John H Terpstra
jht at samba.org
Sat Dec 27 22:10:00 GMT 2003
Hi,
Please put the machine accounts into the People (in your case
the 'accounts') container. This is a known
bug in Samba-3 - it does not search the Computers (in your case
'hardware') container for computer accounts.
This should solve your problem.
- John T.
On Sat, 27 Dec 2003 mamue at lb-bbs1.emd.ni.schule.de wrote:
> Hi,
>
> i try to create a new machine account, like i always did, but haven't done
> since 3.x. My backend is ldap:
> passdb backend = ldapsam:ldap://fileserver
> idmap backend = ldapsam:ldap://fileserver
> As root I do the following:
> smbpasswd -D 10 -a -m admeta
> ---------------------------------
> Netbios name list:-
> my_netbios_names[0]="FILESERVER"
> tdb(unnamed): tdb_brlock failed (fd=3) at offset 4 rw_type=1 lck_type=13:
> Resource temporarily unavailable
> Trying to load: ldapsam:ldap://fileserver
> Attempting to register passdb backend ldapsam
> Successfully added passdb backend 'ldapsam'
> Attempting to register passdb backend ldapsam_compat
> Successfully added passdb backend 'ldapsam_compat'
> Attempting to register passdb backend smbpasswd
> Successfully added passdb backend 'smbpasswd'
> Attempting to register passdb backend tdbsam
> Successfully added passdb backend 'tdbsam'
> Attempting to register passdb backend guest
> Successfully added passdb backend 'guest'
> Attempting to find an passdb backend to match ldapsam:ldap://fileserver
> (ldapsam)
> Found pdb backend ldapsam
> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=BBS1_EMDEN))]
> smbldap_search_suffix: searching
> for:[(&(objectClass=sambaDomain)(sambaDomainName=BBS1_EMDEN))]
> smbldap_open_connection: ldap://fileserver
> smbldap_open_connection: connection opened
> ldap_connect_system: Binding to ldap server ldap://fileserver as
> "cn=root,dc=bbs1-emden,dc=schule"
> ldap_connect_system: succesful connection to the LDAP server
> The LDAP server is succesful connected
> pdb backend ldapsam:ldap://fileserver has a valid init
> Attempting to find an passdb backend to match guest (guest)
> Found pdb backend guest
> pdb backend guest has a valid init
> smbldap_search_suffix: searching
> for:[(&(uid=admeta$)(objectclass=sambaSamAccount))]
> ldapsam_getsampwnam: Unable to locate user [admeta$] count=0
> Finding user admeta$
> Trying _Get_Pwnam(), username as lowercase is admeta$
> Trying _Get_Pwnam(), username as uppercase is ADMETA$
> Checking combinations of 0 uppercase letters in admeta$
> Get_Pwnam_internals didn't find user [admeta$]!
> Failed to initialise SAM_ACCOUNT for user admeta$.
> Failed to modify password entry for user admeta$
> ----------------------------------------------------
> What do I do wrong?
> ldapsearch -x -D ADMIN-DN -w "secret" uid=admeta* says:
> dn: uid=admeta$,ou=hardware,dc=bbs1-emden,dc=schule
> objectClass: posixAccount
> objectClass: account
> cn: admeta$
> uid: admeta$
> uidNumber: 10090
> gidNumber: 502
> homeDirectory: /home/admeta
> loginShell: /bin/false
> description: machine
> l: ver
> userPassword:: e1NNRDV9VnFXV0F0Z2JBKzVyYTFLN2VwVzVIOGlUM3h3PQ==
>
> The machine is in group ou=hardware. My /etc/ldap.conf is:
> URI ldap://localhost:389/
> BASE dc=bbs1-emden,dc=schule
>
> pam_filter objectclass=posixAccount
> pam_login_attribute uid
> nss_base_passwd ou=accounts,dc=bbs1-emden,dc=schule?one
> nss_base_group ou=groups,dc=bbs1-emden,dc=schule?one
>
> My smb.conf is:
> [global]
> workgroup = BBS1_EMDEN
> passdb backend = ldapsam:ldap://fileserver
> idmap backend = ldapsam:ldap://fileserver
> ldap suffix = dc=bbs1-emden,dc=schule
> ldap user suffix = ou=accounts
> ldap group suffix = ou=groups
> ldap machine suffix = ou=hardware
> ldap idmap suffix = ou=idmap
> idmap uid = 40000-60000
> idmap gid = 40000-60000
> ldap admin dn = cn=root,dc=bbs1-emden,dc=schule
> ldap ssl = off
>
> I tried various things, but I simply have no idea what might be wrong.
> (tried cn=admeta$, copied uid=admeta$ to ou=accounts => duplicate entries)
>
> Has anybody any idea?
>
> Thanks,
> Malte Mueller
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list