[Samba] Samba LDAP and add machine script problems
Keith Robertson
keithro at gmail.com
Fri Jan 21 21:13:57 GMT 2005
I have done some further investigation and this is what I found. If I
change the uidNumber of
"uid=Administrator,ou=Users,dc=somedomain,dc=org" to 0 Samba will add
a computer to ou=Computers. However, it will still return an error to
the XP machine that is attempting to join the domain. The error code
is "The user name could not be found".
I plowed through the Samba logs and found this interesting tidbit,
though I'm not sure what to make of it. Any help analyzing it would
be greatly appreciated.
//---- Begin log
2005/01/21 15:11:08, 3] rpc_server/srv_samr_nt.c:_samr_create_user(2250)
_samr_create_user: Running the command
`/var/lib/samba/sbin/smbldap-useradd.pl -w 'amp$'' gave 0
[2005/01/21 15:11:08, 5] lib/username.c:Get_Pwnam(293)
Finding user amp$
[2005/01/21 15:11:08, 5] lib/username.c:Get_Pwnam_internals(223)
Trying _Get_Pwnam(), username as lowercase is amp$
[2005/01/21 15:11:08, 5] lib/username.c:Get_Pwnam_internals(239)
Trying _Get_Pwnam(), username as uppercase is AMP$
[2005/01/21 15:11:08, 5] lib/username.c:Get_Pwnam_internals(247)
Checking combinations of 0 uppercase letters in amp$
[2005/01/21 15:11:08, 5] lib/username.c:Get_Pwnam_internals(251)
Get_Pwnam_internals didn't find user [amp$]!
[2005/01/21 15:11:08, 5] rpc_parse/parse_prs.c:prs_debug(82)
000000 samr_io_r_create_user
[2005/01/21 15:11:08, 5] rpc_parse/parse_prs.c:prs_uint32(642)
0000 data1: 00000000
[2005/01/21 15:11:08, 5] rpc_parse/parse_prs.c:prs_uint32(642)
0004 data2: 00000000
[2005/01/21 15:11:08, 5] rpc_parse/parse_prs.c:prs_uint16(613)
0008 data3: 0000
[2005/01/21 15:11:08, 5] rpc_parse/parse_prs.c:prs_uint16(613)
000a data4: 0000
[2005/01/21 15:11:08, 5] rpc_parse/parse_prs.c:prs_uint8s(729)
000c data5: 00 00 00 00 00 00 00 00
[2005/01/21 15:11:08, 5] rpc_parse/parse_prs.c:prs_uint32(642)
0014 access_granted: 00000000
[2005/01/21 15:11:08, 5] rpc_parse/parse_prs.c:prs_uint32(642)
0018 user_rid : 00000000
[2005/01/21 15:11:08, 5] rpc_parse/parse_prs.c:prs_ntstatus(672)
001c status: NT_STATUS_NO_SUCH_USER
[2005/01/21 15:11:08, 5] rpc_server/srv_pipe.c:api_rpcTNP(1578)
api_rpcTNP: called samr successfully
//---- End log
>>
>> I'm trying to integrate Openldap with Samba version 3.0.10. I have
>> populated my LDAP server via smbldap-populate.pl and I've gotten
PAM to recognize
>> LDAP as an authentication mechanism. Thus, I can add a user with smbldap-
>> useradd.pl and su to that user.
>Can you do a straight login / ssh as that new user?
Yes
>> The problem I am having is when I attempt to add a computer from MS
>> Windoze XP.
>> When I attempt to join my domain XP prompts me for a user ID and password.
>> If I
>> enter a user ID of "root" with either my box's actual root password or the
>> password for the LDAP user
>> "uid=Administrator,ou=Users,dc=somedomain,dc=org"
>> I get the following: "unknown user or bad password". I suppose this
>> makes sense
>> because there are only two users in ou=Users (Administrator and nobody)
>> neither
>> of which is "root". Alternatively, if I attempt to join the domain
>> with a user ID
>> of "Administrator" I get "Access is denied".
>Somewhere in those howto's and example books that JHT, et al, has written he
>says to set the uid of the Administrator to 0. what UID does your
>administrator have? I believe from vague memory that the smbldap-populate
>script automatically sets the uid of the Administrator to 0. Just use
>smbldap-passwd Administrator to make sure that the password is set. then try
>adding your Machine again. This worked for me last night when I got the
>same error.
>tell us what happens.
>Regards Geoff.
More information about the samba
mailing list