Fwd: Re: [Samba] add user script & samba 3.0b

Gémes Géza geza at kzsdabas.sulinet.hu
Fri Jun 20 18:03:21 GMT 2003 

What seems to be a dangerous thing to me is that your samba doesn't bend 
to lo (127.0.0.1 aka localhost) I'm not shure if it is the origin of 
your problems, but in the docs is written, that lots of tools, including 
smbpasswd (maybe others things too ?) relays on accessing localhost, if 
security=user. Anyway I would suggest to try with this new settings too. 
I'm really new to the 3.0 branch, and I would want an LDAP solution 
(Samba PDC+ Samba BDC).

Best Regards

Geza Gemes

robowarp at gmx.de írta:

> this is my smb.conf,
> as i failed before , the machine add script works on the fly, but the
> machine account which is right in the smbpasswd, does not login after
> required
> reboot win2k serv3 to domain, with failure message
> local computer account is not trusted
> My plan is to make samba easier administrate with usmgr, machine creation
> on
> the fly.
> 
> And i dont wanna use ldap.
> is anyone  working on that too? 
> 
>  
>
>>i compiled the beta on suse 8.2 from scratch
>>do sombody have any usefull comments about this config?
>> 
>>
>>
>>[global]
>>        dos charset = ASCII
>>        display charset = UTF8
>>        workgroup = LINUX
>>        interfaces = eth0
>>        bind interfaces only = Yes
>>        map to guest = Bad User
>>        passwd program = /usr/bin/passwd %u
>>        username map = /etc/samba/smbusers
>>        unix password sync = Yes
>>        log level = 2
>>        log file = /var/log/samba/%m
>>        time server = Yes
>>        keepalive = 255
>>        socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192
>>SO_RCVBUF=8192
>>        load printers = No
>>        printcap name = cups
>>        add user script = /usr/sbin/useradd -m %u
>>        delete user script = /usr/sbin/userdel -r %u
>>        add group script = /usr/sbin/groupadd -r %g
>>        delete group script = /usr/sbin/groupdel %g
>>        add user to group script = /usr/bin/gpasswd -a %u %g
>>        delete user from group script = /usr/bin/gpasswd -d %u %g
>>        set primary group script = /usr/sbin/usermod -g '%g' '%u'
>>        #create a group machines first !
>>        add machine script = /usr/sbin/useradd -g machines -c Machine -d
>>/dev/null -s /bin/false %u
>>        logon drive = z
>>        domain logons = Yes
>>        os level = 255
>>        preferred master = Yes
>>        domain master = Yes
>>        wins proxy = Yes
>>        wins support = Yes
>>        ldap ssl = no
>>        utmp = Yes
>>        host msdfs = Yes
>>        admin users = Administrator
>>
>>[homes]
>>        comment = Home Directories
>>        read only = No
>>        create mask = 0640
>>        directory mask = 0750
>>        browseable = No
>>
>>
>>
>>    
>>
>>>it seems that the developers group has changed the command name from
>>>add user script to add machine script
>>>you can see the difference only in the man page on the CVS tree
>>>after I changed it to this command in smb.conf - it worked.
>>>
>>>regards
>>>
>>>robowarp at gmx.de schrieb:
>>>
>>>      
>>>
>>>>HI if tested the add user script (samba3beta) and it works fine for me 
>>>>but the created machine account , it not followed
>>>>with a working login, win2k serv pack 3 says computer account is not
>>>>        
>>>>
>>>trusted
>>>      
>>>
>>>>in the domain,
>>>>this is is not a failure by the script , cause i tried traditional way
>>>>        
>>>>
>>>too.
>>>      
>>>
>>>>( smbpasswd -a -m )
>>>>any ideas?
>>>>Regards
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> 
>>>>
>>>>        
>>>>
>>>>>Howdy,
>>>>>
>>>>>I would like to use the samba server as a replacment for NT Servers.
>>>>>So I need the add user script command for adding new machines to the
>>>>>domain.
>>>>>This is no problem in all 2.2.X versions of samba which I used.
>>>>>But on version 3.0 alpha and beta it is not working.
>>>>>
>>>>>I am using debian 3.0r1 with the unstable package of samba 3.0beta.
>>>>>
>>>>>smb.conf:
>>>>>[global]
>>>>>   workgroup = unreal
>>>>>   server string = %h server (Samba %v)
>>>>>   log file = /var/log/samba/log.%m
>>>>>   syslog = 0
>>>>>   security = user
>>>>>   encrypt passwords = true
>>>>>   passdb backend = smbpasswd:/etc/samba/smbpasswd
>>>>>   socket options = TCP_NODELAY
>>>>>   wins server = 192.168.0.133
>>>>>   dns proxy = no
>>>>>   admin users = root, admin, administrator
>>>>>   add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
>>>>>          
>>>>>
>>bin/false
>>    
>>
>>>>>-M %u
>>>>>   domain logons = yes
>>>>>   domain master = yes
>>>>>   logon path = \\%N\profiles\%U
>>>>>   logon drive = H:
>>>>>   logon home = \\%N\%U
>>>>>   logon script = logon.bat
>>>>>
>>>>>samba.log:
>>>>>[2003/06/20 00:33:38, 0] smbd/service.c:set_admin_user(314)
>>>>>  root logged in as admin user (root privileges)
>>>>>[2003/06/20 00:33:39, 0]
>>>>>          
>>>>>
>>>passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(597)
>>>      
>>>
>>>>>  add_smbfilepwd_entry: cannot add account roof2$ without unix
>>>>>          
>>>>>
>>identity
>>    
>>
>>>>>[2003/06/20 00:33:39, 0] 
>>>>>rpc_server/srv_samr_nt.c:_api_samr_create_user(2313)
>>>>>  could not add user/computer roof2$ to passdb.  Check permissions?
>>>>>
>>>>>
>>>>>The same command line is working with 2.2.3a (Debian testing).
>>>>>
>>>>>thanks for any answer
>>>>>Thomas
>>>>>
>>>>>-- 
>>>>>To unsubscribe from this list go to the following URL and read the
>>>>>instructions:  http://lists.samba.org/mailman/listinfo/samba
>>>>>
>>>>>   
>>>>>
>>>>>          
>>>>>
>>>> 
>>>>
>>>>        
>>>>
>>>      
>>>
>>-- 
>>+++ GMX - Mail, Messaging & more  http://www.gmx.net +++
>>Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!
>>
>>
>>    
>>
>
>  
>

More information about the samba mailing list