[Samba] Re: Cannot join SAMBA domain from XP/2K
Alexei Monastyrnyi
alexeim at orcsoftware.com
Sat Sep 18 08:02:23 GMT 2004
Hi.
>> Not necessarily... My IDEALX scripts are configured to store SAMBA
>> machines in ou=Computers.
>
>
>
> Then that is your problem, in a sense. While posix accounts are
> created wherever you tell idealx to make them, the system is having
> trouble finding them. Samba is limited to the environment it is
> running in, in that it uses the getpwnam call (somebody tuna slap me
> if I'm using the wrong call here) and that searches under ou=People
> unless you've reconfigured nss_ldap.
> That being said you either need to reconfigure the passwd (and maybe
> shadow) line in your ldap.conf file or start storing everything in
> ou=People. If you're not doing anything else with ldap that you don't
> want machine accounts showing up in then I'd suggest the latter route.
>
I did change it (of coarse). Sorry I didn't' put all necessary extracts
from configs in my first postings...
In ldap.conf I have
scop sub
pam_filter objectclass=posixAccount
pam_login_attribute uid
nss_base_passwd dc=mydomani,dc=com?sub
nss_base_group dc=mydomain,dc=com?sub
>>> Did you check your LDAP tree if Posix record was added for machine?
>>
>>
>> Positive. Posix machine account is created during join operation,
>> under ou=Computers, as it is desired...
>
>
> But is it modified to include the sambaSamAccount object class and
> requred attributes? My guess is no.
>
You're right... That is what bothers me... :-)
A.
More information about the samba
mailing list