[Samba] Joining PDC w/LDAP Question

Peak, John John.Peak at McKesson.com
Wed Feb 12 13:49:09 GMT 2003 

Buchan, 

I really appreciate the help as this has pointed me in the right
direction.  The "getent passwd asa$" does not show anything unless I add
the machine manually.  Should I be putting the following directive in my
nsswitch.conf file to be able to perform host lookups from LDAP
properly?:

hosts:  files ldap dns 

I've noticed that some people do this and some do not in their
configurations.  I would think that after a Computer record is inserted
in my LDAP directory by Samba that NSS needs this directive to actually
lookup the computer.  When I try this it gives me a "Segmentation
Fault".  Any additional thoughts or suggestions for me at this point?

Regards, 
John 


 -----Original Message----- 
From:   Buchan Milne [ mailto:bgmilne at cae.co.za
<mailto:bgmilne at cae.co.za> ] 
Sent:   Tuesday, February 11, 2003 3:26 PM 
To:     Peak, John 
Cc:     samba at lists.samba.org 
Subject:        Re: [Samba] Joining PDC w/LDAP Question 

> Date: Tue, 11 Feb 2003 08:58:22 -0500 
> From: "Samba Newsgroups" <john.peak at mckesson.com> 
> To: samba at lists.samba.org 
> Subject: [Samba] Joining PDC w/LDAP Question 
> Message-ID: <b2b7nk$5g4$1 at main.gmane.org> 
> Precedence: list 
> Message: 15 
> 
> Should I be required to add the machine to my passwd file even if I am
using 
> LDAP when joining a W2K domain domain? 

No, an LDAP account is enough, as long as your box is setup to retrieve 
user information from ldap (ie via nss_ldap). 

> The only way I can get a machine to 
> join my Samba PDC is via the following commands. 
> 
> # /usr/sbin/useradd -g 100 -d /dev/null -c "asa" -s /bin/false asa$ 
> # smbpasswd -a -m asa 

Does 'getent passwd machinename$' return a valid entry on your DC? It 
needs to at present (samba-2.2.x). 

> 
> I thought that using ldapsam would lookup all machine information from
LDAP 
> without having to deal with passwd.  Any comments would be
appreciated. 
> Thanks. 

Mandrake packages have this example: 
# Script for domain controller with LDAP backend for adding machines
(please 
# configure in /etc/samba/smbldap_conf.pm first): 
; add machine script = /usr/share/samba/scripts/smbldap-useradd.pl -w -d

/dev/null -g machines -c 'Machine Account' -s /bin/false %u 

Where we provide the smbldap-tools (in examples/LDAP in the souce) in 
/usr/share/samba/scripts 

Buchan 

-- 
|--------------Another happy Mandrake Club member--------------| 
Buchan Milne                Mechanical Engineer, Network Manager 
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x121 
Stellenbosch Automotive Engineering         http://www.cae.co.za
<http://www.cae.co.za>  
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
<http://ranger.dnsalias.com/bgmilne.asc>  
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7

More information about the samba mailing list