[Samba] Problem managing user accounts by usermgr

M. Vancl mvancl at setuza.cz
Mon Apr 5 17:13:41 GMT 2004


I'm using samba 3.0.2 PDC with LDAP backend.
I'd like to be able to manage user accounts by Microsoft's usrmgr tool (from
srvtools package).
In my smb.conf are configured functional IDEALX scripts. Additionally I
added debug output to start of all scripts which prints current time and
parameters of script.
When I use usrmgr.exe for creating a new user account I get strange error
(insufficient privileges). Curiously on the ldap database is new user
account present after it. Exactly - there is account made by
smbldap-useradd. There are missing sambaLMPassword and sambaNTPassword and
displayName (Full Name in usrmgr) is set to default value "System User".
Interesting record is in session logfile:
[2004/04/05 18:37:41, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2251)
  could not add user/computer u11112 to passdb.  Check permissions?
When after it I do refresh of user list in usrmgr and try to correct newly
created account (Full Name and password) everything is ok.
When I look to my scripts debug log, I see that smbldap-passwd was called
only during my second attempt.
Next when I try delete user account by usrmgr, I got the same error message
as when was created - insufficient privileges. In the session log on samba
is record:
[2004/04/05 18:58:32, 0] passdb/pdb_ldap.c:ldapsam_delete_entry(269)
  ldapsam_delete_entry: Entry must exist exactly once!
But curiously account was successfully deleted. My script debug log contain
message about call od smbldap-userdel.

Does anybody know, what is the reason of it ?


M. Vancl

More information about the samba mailing list