[Samba] Manual creation of machine trust and comments on Samba books

[John H Terpstra]

On Wed, 14 Jan 2004, Beast wrote:

>
> I just receive a copy of the official samba 3 howto, to be honest i'm
> rather disapoint with the content and layout. Well with free online
> version, i can't complaint, but with 'paid' version maybe i can complain
> to the author :-).

Go on, complain. I have been listening to your contribution to this list
for some time. Did you check what we started out with by any chance?

As the primary author, now that the book is in print, I too can see many
areas where it can be improved. So far however, I have not seen a rush of
new, vital, contributed material. This is a community project you know. Up
to this point I have rejected only 2 submissions for inclusion out of over
50 instances of feedback. those 2 were inaccurate. All other feedback has
resulted in change/addition to the document.

> Most of the contents are still the old documentation with few 'little'
> updation for samba3. Imo, its better if it can be rewrite from scratch
> focusing on samba3 only. Ie, it should focusing on ldapbackend instead
> on other backend.

The document I started with was the Samba-HOWTO-Collection.pdf that
shipped with Samba-2.2.x. It was 88 pages. That is it. Everything else in
the book is recently added material. Where was your input when we were
begging for help, for ideas, for needs, and for input etc.? I spent 7
months writing to get this to where it is. What we have in the book and in
the Samba-HOWTO-Collection is just a start!

I have just finished writing the "Samba-3 by Example" book. This book
provides detailed sample networks, discusses the needs of each, and
provides a step-by-step fully worked example. If you follow the examples
you will have a completly functioning network.

Rome was not built in one day. :)

> The definitive guide books (imo) should contains following chapter :
> 1. Installation and other compile options.
> 2. Setup and configuration with real world working config and screenshot if possible on server and client side.
> 3. Performance tuning and optimization (server and client, including related s/w , ie. openldap)
> 4. Troubleshooting.
> 5. Index.

Great. Please start writing. Send me your material. I will do everything I
can to include ANYTHING that can help to document Samba so that others do
not have to endure pain.

> Enough with my complain, now from chapter 6, page 69:
> Manual creation of machine trust account, it focus on smbpasswd/tdbsam backend only, not ldap.

Ok. But in the LDAP section I tried to provide information so that you do
not need to add machine accounts manually. I agree this can be better
documented. When will you be able to send me your suggested notes for
inclusion?

> I have valid posixaccount entry in ldap :
> [root at potato samba]# smbpasswd -a -m tbird
> ldapsam_modify_entry: Failed to add user dn= uid=tbird$,ou=people,dc=indorama,dc=com with: Already exists
>
> ldapsam_add_sam_account: failed to modify/add user with uid = tbird$ (dn = uid=tbird$,ou=people,dc=indorama,dc=com)
> Failed to add entry for user tbird$.
> Failed to modify password entry for user tbird$

It is a little difficult to diagnose what information is in your LDAP
database for the machine 'tbird', without you showing me.

Have you already tried to add the machine to the network?

What steps led up to this?

Cheers,
John T.
-- 
John H Terpstra
Email: jht at samba.org