[Samba] ldap smbpasswd

synrat synrat at wirewalk.org
Sun Jan 30 01:24:40 GMT 2005 

freebsd 5.3, samba 3.10

I get this far with LDAP/Samba integrationg.
Stuck on creating users/machines with smbpasswd -a (-m) username command.

schema files weren't modified, everything else is pretty much at defaults.

First the relevant config parts:

passdb backend = ldapsam_compat:ldap://localhost/
ldap suffix = dc=company,dc=com
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap admin dn = "cn=Manager,dc=company,dc=com"
-------------------------------------

include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/samba.schema

access to attrs=userPassword,sambaLMPassword,sambaNTPassword
      by self write
      by anonymous auth
      by * none
access to *
      by * read

------------------------------------------

bash-2.05b# smbpasswd -D 256 -a username
Netbios name list:-
my_netbios_names[0]="SKYWALKER"
Trying to load: ldapsam_compat:ldap://localhost/
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend ldapsam_compat
Successfully added passdb backend 'ldapsam_compat'
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend guest
Successfully added passdb backend 'guest'
Attempting to find an passdb backend to match 
ldapsam_compat:ldap://localhost/ (ldapsam_compat)
Found pdb backend ldapsam_compat
pdb backend ldapsam_compat:ldap://localhost/ has a valid init
Attempting to find an passdb backend to match guest (guest)
Found pdb backend guest
pdb backend guest has a valid init
New SMB password:
Retype new SMB password:
smbldap_search: base => [dc=company,dc=com], filter => 
[(&(uid=username)(objectclass=sambaAccount))], scope => 
[2]smbldap_open_connection: ldap://localhost/
smbldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server ldap://localhost/ as 
"cn=Manager,dc=company,dc=com"
ldap_connect_system: succesful connection to the LDAP server
The LDAP server is succesfully connected
ldapsam_getsampwnam: Unable to locate user [username] count=0
Finding user username
Trying _Get_Pwnam(), username as lowercase is username
Get_Pwnam_internals did find user [username]!
pdb_set_username: setting username username, was
element 12 -> now SET
pdb_set_full_name: setting full name User Name, was
element 13 -> now SET
pdb_set_unix_homedir: setting home dir /home/username, was NULL
element 22 -> now SET
pdb_set_domain: setting domain SKYWALKER, was
element 14 -> now DEFAULT
pdb_set_user_sid: setting user sid 
S-1-5-21-2472404719-3990724825-3229645963-3008
element 18 -> now SET
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008 
from rid 3008
smbldap_search: base => [dc=company,dc=com], filter => 
[(&(objectClass=sambaGroupMapping)(gidNumber=1004))], scope => [2]
smbldap_open: already connected to the LDAP server
ldapsam_getgroup: Did not find group
pdb_set_group_sid: setting group sid 
S-1-5-21-2472404719-3990724825-3229645963-3009
element 19 -> now SET
pdb_set_group_sid_from_rid:
        setting group sid S-1-5-21-2472404719-3990724825-3229645963-3009 
from rid 3009
Home server: skywalker
pdb_set_profile_path: setting profile path \\skywalker\username\profile, was
element 2 -> now DEFAULT
Home server: skywalker
pdb_set_homedir: setting home dir \\skywalker\username, was
element 1 -> now DEFAULT
pdb_set_dir_drive: setting dir drive , was NULL
element 3 -> now DEFAULT
pdb_set_logon_script: setting logon script , was
element 4 -> now DEFAULT
element 20 -> now DEFAULT
pdb_init_sam_new: no RID specified.  Generating one via old algorithm
pdb_set_user_sid: setting user sid 
S-1-5-21-2472404719-3990724825-3229645963-3008
element 18 -> now SET
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008 
from rid 3008
element 20 -> now CHANGED
element 20 -> now CHANGED
element 33 -> now CHANGED
element 32 -> now CHANGED
element 11 -> now CHANGED
element 21 -> now CHANGED
account_policy_get: maximum password age:-1
element 10 -> now CHANGED
account_policy_get: minimum password age:0
element 9 -> now CHANGED
account_policy_get: password history:0
element 34 -> now CHANGED
smbldap_search: base => [dc=company,dc=com], filter => 
[(&(uid=username)(objectclass=sambaAccount))], scope => [2]smbldap_open: 
already connected to the LDAP server
element 18: SET
smbldap_search: base => [dc=company,dc=com], filter => 
[(&(rid=3008)(objectclass=sambaAccount))], scope => [2]
smbldap_open: already connected to the LDAP server
smbldap_search: base => [dc=company,dc=com], filter => [(uid=username)], 
scope => [2]
smbldap_open: already connected to the LDAP server
ldapsam_add_sam_account: Adding new user
element 12: SET
init_ldap_from_sam: Setting entry for user: username
element 18: SET
element 19: SET
element 13: SET
element 23: DEFAULT
element 23: DEFAULT
element 24: DEFAULT
element 24: DEFAULT
element 26: DEFAULT
element 26: DEFAULT
element 1: DEFAULT
element 1: DEFAULT
element 3: DEFAULT
element 3: DEFAULT
element 4: DEFAULT
element 4: DEFAULT
element 2: DEFAULT
element 2: DEFAULT
element 5: DEFAULT
element 5: DEFAULT
element 6: DEFAULT
element 6: DEFAULT
element 7: DEFAULT
element 7: DEFAULT
element 9: SET
element 9: CHANGED
element 9: SET
element 9: CHANGED
element 10: SET
element 10: CHANGED
element 10: SET
element 10: CHANGED
element 32: SET
element 32: CHANGED
element 32: SET
element 32: CHANGED
element 33: SET
element 33: CHANGED
element 33: SET
element 33: CHANGED
element 34: SET
element 34: CHANGED
element 34: SET
element 34: CHANGED
account_policy_get: password history:0
element 21: SET
element 21: CHANGED
element 21: SET
element 21: CHANGED
element 27: DEFAULT
element 27: DEFAULT
element 20: SET
element 20: CHANGED
element 20: SET
element 20: CHANGED
element 29: DEFAULT
element 29: DEFAULT
smbldap_add: dn => [uid=username,ou=People,dc=company,dc=com]
smbldap_open: already connected to the LDAP server
ldapsam_modify_entry: Failed to add user dn= 
uid=company,ou=People,dc=company,dc=com with: Undefined attribute type
        rid: attribute type undefined
ldapsam_add_sam_account: failed to modify/add user with uid = username 
(dn = uid=username,ou=People,dc=company,dc=com)
Failed to add entry for user username.
Failed to modify password entry for user username

More information about the samba mailing list