[Samba] Interesting usrmgr.exe issue

cooper cooper.list at gmail.com
Fri Apr 1 13:46:25 GMT 2005

I have a Samba3 PDC/LDAP/PAM/NSS running in a lab.  Everything works
great.  I am using the smbldap scripts for in smb.conf so i can use
usrmgr.exe.  Last night I was testing to make sure it was all working
ok.  I added about 6 accounts throught usrmgr.exe with no problem. 
The smbldap scripts added the user to LDAP, and then samba 'extended'
them to samba accounts.  Then I tried to add an account for myself
using my usual username.  It failed.  I tried again, it failed.  I was
given an error of "Access Denied"  My troubleshooting went as follows:

-run the smbldap script on the local machine.  LDAP posix account added OK.
-run smbpasswd -a username.  Account 'extended to samba account OK.
-Deleted the account
-run smbpasswd -a username.  Failed "Cannot create user", but a user
account appeared in ldap.  It only had sambaaccount objecttype. No
posixaccount, no shadowaccount, no inetorgperson.  Hmmm, strange.

After about an hour of scrambling, I figured out what was happening. 
My 'usual' useraccount was already in the local machines /etc/passwd. 
After removing it from /etc/passwd all attempts to add the account
were successful.  So my question is . . .

Does samba do some check on /etc/passwd, before adding an account,
even if ldap is used as the backend passdb?



More information about the samba mailing list