[Samba] machine accounts aren't added properly with smbldap-useradd.pl + ldap backend

J B Bell jbbell at octigabay.com
Wed Oct 15 18:25:45 GMT 2003


Yay, I finally got my samba 3 PDC working!

Following a variety of indirect hints I used the root account to join,
rather than trying to mess around with various groups and group
mappings.  I had done this before, with no good effect, but checked more
carefully this time and found that it was my machine account that was
not being found, not the root account.

Further investigation shows that when using smbldap-useradd.pl -w
<machine>, the machine account does not get the objectClass
"SambaSAMAccount", and therefore it isn't found when the samba server
tries to authenticate it.

Using smbldap-useradd.pl -a instead seems to fix this problem, but then
the machine is not put into the Computers ou.  I can also use an ldap
editor (jxplorer, in my case) to manually add the objectclass, but this
is less than ideal.

Should I add this problem as a bug against smbldap-useradd.pl?  Or is
that not considered the right tool?

I have tried using the smbpasswd method (and yes, I have already done
smbpasswd -w); as the unix system uses ldap passwords itself, it should
work, but I always get the message 'failed initialise SAM_ACCOUNT for
user <machine>'.

Any advice, finally, on setting up roaming user profiles?  Most of our
users have single-machine local accounts, so I'd like to migrate those;
we have never had roaming users at all.

Thanks everyone for any help you can give!

--JB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20031015/a05ed98a/attachment.bin


More information about the samba mailing list