Réf. : [Samba] add machine script wont add Postfix account

stephane.purnelle at corman.be stephane.purnelle at corman.be
Fri Mar 26 15:14:27 GMT 2004


I have the same problem with my PDC.

Work fine:
Modify the script for add samba attribute ( three lines)
Execute manually the entry (with smbldap-useradd.pl -w machine1)
Try to join the domain

Don't work  :
Samba call the smbldap-useradd -w %u and the script is not modified.

I use samba 3.0.2a RH 8.0 openldap 2.1.25

Stéphane PURNELLE                         stephane.purnelle at corman.be
Service Informatique       Corman S.A.           Tel : 00 32 087/342467

|         |           Stagiair <stage at themindconnection.com>        |
|         |           Envoyé par :                                  |
|         |           samba-bounces+stephane.purnelle=corman.be at list|
|         |           s.samba.org                                   |
|         |                                                         |
|         |                                                         |
|         |           26/03/2004 16:06                              |
|         |                                                         |
  |                                                                                               |
  |        Pour :   samba at lists.samba.org                                                         |
  |        cc :                                                                                   |
  |        Objet :  [Samba] add machine script wont add Postfix account                           |

He Guys,

When we add a client pc (win2k) to our domain everything goes well
except that the add machine script wont run.
A computer will be created within the lDAP directory but not with the
add machine script.
The following is our situation.

Fedora Core1

# Global parameters
        workgroup = T3E
        server string = domeinserver
        bind interfaces only = Yes
        passwd program = /usr/sbin/smbldap-passwd.pl %u
        passwd chat = *new*password* %n *new*password* %n *successfully*
        passwd chat debug = Yes
        passdb backend = ldapsam:ldap://localhost
        #unix password sync = Yes
        log level = 2
        log file = /var/log/samba/samba.log.%m
        time server = Yes
        socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
        add user script = /usr/sbin/smbldap-useradd.pl -a -m %u
        add machine script = /usr/sbin/smbldap-useradd.pl -w %u
        delete user script = /usr/sbin/smbldap-userdel.pl -r %u
        add group script = /usr/sbin/smbldap-groupadd.pl %g
        delete group script = /usr/sbin/smbldap-groupdel.pl %g
        add user to group script = /usr/sbin/smbldap-usermod.pl -G %g %u
        domain logons = Yes
        os level = 34
        preferred master = Yes
        domain master = Yes
        wins support = Yes
        ldap suffix = o=T3E,c=nl
        ldap admin dn = cn=Manager,o=T3E,c=nl
        ldap group suffix = ou=groups
        ldap machine suffix = ou=computers
        ldap user suffix = ou=people
        ldap ssl = no
        admin users = root
        hide unreadable = Yes
        logon path = \\%N\%U\.winprofile
        logon script = netwerk.bat
        encrypt passwords = Yes
        username map = /etc/samba/smbusers
As you see we use the smbldap-tools to execute when a client logins to
the domain.
After login the following entry will be made in LDAP:

dn: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl
uid: tmc-ontwikkelpc$
sambaSID: S-1-5-21-1973588340-308753574-2243378783-3006
sambaPrimaryGroupSID: S-1-5-21-1973588340-308753574-2243378783-3007
objectClass: sambaSamAccount
objectClass: account
sambaPwdCanChange: 1080312437
sambaPwdMustChange: 2147483647
sambaLMPassword: F64C97556FCFA59023753BB150C8A535
sambaNTPassword: E5C3C09DB2CAD5D92CBE5054CCBB7A27
sambaPwdLastSet: 1080312437
sambaAcctFlags: [W          ]

If we do a client add by hand (/usr/sbin/smbldap-useradd.pl -w %u) we
get the following entry in the LDAP dir:

dn: uid=test$,ou=computers,o=T3E,c=nl
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
cn: test$
sn: test$
uid: test$
uidNumber: 1000
gidNumber: 10012
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer

This is a really different schema, and this is the one that we need.
Anyone  sees what were doing wrong?

To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list