[Samba] Using the same LDAP entry for posixAccount and
sambaSamAccount with smbldap
Carlos García Recio
carlos at senado.es
Thu Feb 19 11:07:49 GMT 2004
samba 3.0.2
smbldap-tools 0.8.4
RH 9
nss_ldap configured
pam_ldap NOT configured
LDAP passwd backend
winxp pro domain member
Hello,
i've configured smbldap-tools in smb.conf to manage users from usrmgr.exe. It
works at group creation but have a strange behavior in user creation. In the
LDAP there are two manually created accounts; Administrador & invitado, both
posixAccount and sambaSamAccount. When i try to create a new account with
usrmgr using "smbldap-useradd %u" in "add user script" i get this error:
[2004/02/19 11:37:53, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1634)
ldapsam_add_sam_account: failed to modify/add user with uid = juan (dn =
uid=juan,ou=People,o=senado.es)
[2004/02/19 11:37:53, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2251)
could not add user/computer juan to passdb. Check permissions?
The usrmgr shows me an "Access denied" window and as result i can find a new
entry in the LDAP server with uid=juan that is a posixAccount and
shadowAccount.
It looks like smbldap-useradd create a new entry (posixAccount) in the LDAP
server and then samba tries to create the same entry (but with
sambaSamAccount i think)
I can get rid this error making a conventional unix account with "useradd"
(created in /etc/passwd) and then adding the user with usrmgr. As result i
get a new entry in the LDAP server that is a sambaSamAccount but not a
posixAccount. (in this case i think that i didn't use add user script)
The question is, how must i configure to create new users throw usrmgr with
add user script = ...smbldap-useradd %u and getting as result a new entry in
the LDAP server that is both posixAccount and sambaSamAccount?
Thanks in advance!
Carlos
More information about the samba
mailing list