[Samba] Need help configuring Samba3/LDAP PDC

Aaron Ogden aogden at gxt.com
Thu Jun 10 21:53:51 GMT 2004

 > Have you checked the logging on OpenLDAP?  I'd set the loglevel
 > to 488 and look at the queries samba is doing.  If you have
 > "root =  administrator admin" in your smbusers file then samba
 > will look for an ldap entry with uid=root.  grep the ldap log
 > file for that and comment out that line in smbusers if that
 > seems to be the case.
 > Rich

Hello Rich (and others), thanks for responding.  I turned up the 
loglevel, fixed some configuration errors in smb.conf, and commented the 
root= entry in smbusers. You were right, Administrator was being mapped 
to 'root'.  Now I can authenticate LDAP users in Samba, e.g. 'smbclient 
-L localhost -U Administrator' works properly.  Unfortunately I still 
cannot join the PDC machine to the domain and I think I know why.

When I run 'net rpc join -U Administrator' the machine account gets 
created but it is a posixAccount instead of a sambaSamAccount.  In other 
words it is a normal unix user account that is missing all of the 
samba-related fields.  Samba is calling the IDEALX smbldap-useradd.pl 
script to create the account but obviously I've got an error 
somewhere... the user accounts it creates are not samba-capable.  Does 
anyone know how to fix this?  Did I miss something in smbldap_conf.pm?

On a related note, I've imported lots of NIS data into this LDAP 
directory, so I have lots of valid Unix accounts.  These are working 
properly on LDAP-enabled linux machines, but how do I 'convert' them for 
use with Samba?  Ideally I would like to have one record for each user 
that contains all of the samba data as well as the unix data.  Is there 
an easy way to add the appropriate samba fields to 'normal' 
posixAccounts?  Is there a FAQ that covers the procedure?  Any help 
would be welcome.

thanks in advance,

More information about the samba mailing list