[Samba] Re: smbldap-tools 8.3 populate errors

Sat Jan 17 17:39:49 GMT 2004

Manfred,
Thank you for responding to my post. I am always encouraged to hear from
someone who is also using SuSE just in case the problems we are facing
could somehow be unique to the distribution. I have been struggling with
this off and on for about three months now. My most recent attempt followed
pretty closely the recent post by Vegeta on 2004-01-14. He is also using
SuSE 9.0. I have had nothing but trouble dealing with adding computer
accounts. I think his comments regarding the ldap search in smb.conf and
the parameters in ldap.conf made a differnece in resolving my problems. I
also had a '-a' in my 'machine add script' and I noticed in the smb.conf
supplied with the 8.3 tools that it is not present in their example. That
makes sense, because the samba ldap information is to be added
automatically by samba when the domain is joined. Anyway, yesterday when I
had problems with the populate script I went back to the 8.2 scripts,
repopulated and tried to add a machine account from Windows NT and Windows
2000 clients they both worked for the first time. From your post I am now
concerned if the new 8.3 scripts will introduce some new problems.
Yesterday after I was finally able to add machine accounts, I was unable to
join the domain. I think this problem is caused by the fact that I had
previously signed onto this domain with a different SID. I'll have to
pursue this problem Monday when I get back to work. I'll be glad to help
you if I am able. I added a 'root' account (smbldap-useradd -a root), set
the password, went into my ldap editor and changed the uidNumber = 0, the
posix group number to 0, and the SID to 500. I think I changed the group
SID to 512, but I am not at work now and can't check for sure.
Curtis Grote
Memorial Hospital

Odenstein wrote:

> Hi,
> The tgz file is incomplete, I've notced this too. The rpm is complete, so
> I've downloaded the rpm file instead, unpacked it, and copied the scripts
> to their respective location.
> 
> My system is now runnung, but I think there are some bugs in the populate
> script, e.g. the SID of the Administrator account should end with -500 as
> I know, because it's predefinded. Any comment from the author ???
> 
> and please take care of the default groups in the smbldap.conf file,
> default machine account points to "Print Operators" (550) should be
> "Domain Computers" (553).
> 
> I've also changed the gidNumber and uidNumber of the guest account and
> "Domain Guest" group to the default values of my system (SuSE9)
> 
> after this all worked correctly except some log-entries .
> "Failed to open group mapping database" ....
> 
> and
> 
> "failed to decode PDU"
> 
> any suggestions ...?
> 
> regards odi
> 
> Am Freitag, 16. Januar 2004 21:16 schrieb Curtis Grote:
>> I downloaded the new 8.3 (tgz format) ldap-tools from IDEALX today. When
>> I run the smbldap-po
> pulate script I receive an error that it cannot find the
>> smbldap_tools.pm file. This file was not included in the tar file. If I
>> use the tools file from the samba 3.0.2pre1 distribution it is then
>> expecting the old smbldap_conf.pm file which has now been split in favor
>> of the /etc/smbldap-tools config. I do not know if the populate script is
>> broken or a 'tools' file should have been included in the distro.
>>
>> (I did run configure.pl prior to trying to populate).
>>
>> Curtis Grote
>> Memorial Hospital
> 