[Samba] ldap smbpasswd UH???

synrat synrat at wirewalk.org
Mon Jan 31 17:39:21 GMT 2005


I can't really guess the point of your intelligent answer from this.
If I have to assume you're surprised, I guess I am too.
The cn exists in LDAP, with all the attributes that I imported from
other databases. The message given by smbpasswd suggests that it either
tried to create an entry or update it with sambaaccount attributes
(which it didn't), neither of which is the expected result.

Can you be more specific? Maybe I'm misunderstanding how this should
work altogether.

Thanks in advance


Ruth Chaplin wrote:
> WHAT??
> 
> -----Original Message-----
> From: samba-bounces+nhoward=brokers-online.co.uk at lists.samba.org
> [mailto:samba-bounces+nhoward=brokers-online.co.uk at lists.samba.org] On
> Behalf Of synrat
> Sent: 31 January 2005 16:13
> To: samba at lists.samba.org
> Subject: Re: [Samba] ldap smbpasswd
> 
> 
> 
> I think I got past this by uncommenting a lot of stuff
> in samba.schema (smbpasswd error messages were informative enough,
> thank you). Now I'm stuck with this when trying smbpasswd -a to add
> samba attributes to an ldap account. It seems like smbpasswd is trying to
> add an entry, instead of updating it. I don't see any switches to
> smbpasswd to modify its behavior. Any thoughts?
> 
> ldapsam_modify_entry: Failed to add user dn= 
> uid=username,ou=People,dc=edpausa,dc=com with: Already exists
> 
> 
> synrat wrote:
> 
>>freebsd 5.3, samba 3.10
>>
>>I get this far with LDAP/Samba integration.
>>Stuck on creating users/machines with smbpasswd -a (-m) username 
>>command.
>>
>>schema files weren't modified, everything else is pretty much at 
>>defaults.
>>
>>First the relevant config parts:
>>
>>passdb backend = ldapsam_compat:ldap://localhost/
>>ldap suffix = dc=company,dc=com
>>ldap machine suffix = ou=Computers
>>ldap user suffix = ou=People
>>ldap admin dn = "cn=Manager,dc=company,dc=com"
>>-------------------------------------
>>
>>include         /usr/local/etc/openldap/schema/core.schema
>>include         /usr/local/etc/openldap/schema/cosine.schema
>>include         /usr/local/etc/openldap/schema/nis.schema
>>include         /usr/local/etc/openldap/schema/inetorgperson.schema
>>include         /usr/local/etc/openldap/schema/samba.schema
>>
>>access to attrs=userPassword,sambaLMPassword,sambaNTPassword
>>     by self write
>>     by anonymous auth
>>     by * none
>>access to *
>>     by * read
>>
>>------------------------------------------
>>
>>bash-2.05b# smbpasswd -D 256 -a username
>>Netbios name list:-
>>my_netbios_names[0]="SKYWALKER"
>>Trying to load: ldapsam_compat:ldap://localhost/
>>Attempting to register passdb backend ldapsam
>>Successfully added passdb backend 'ldapsam'
>>Attempting to register passdb backend ldapsam_compat
>>Successfully added passdb backend 'ldapsam_compat'
>>Attempting to register passdb backend smbpasswd
>>Successfully added passdb backend 'smbpasswd'
>>Attempting to register passdb backend tdbsam
>>Successfully added passdb backend 'tdbsam'
>>Attempting to register passdb backend guest
>>Successfully added passdb backend 'guest'
>>Attempting to find an passdb backend to match 
>>ldapsam_compat:ldap://localhost/ (ldapsam_compat)
>>Found pdb backend ldapsam_compat
>>pdb backend ldapsam_compat:ldap://localhost/ has a valid init
>>Attempting to find an passdb backend to match guest (guest)
>>Found pdb backend guest
>>pdb backend guest has a valid init
>>New SMB password:
>>Retype new SMB password:
>>smbldap_search: base => [dc=company,dc=com], filter => 
>>[(&(uid=username)(objectclass=sambaAccount))], scope => 
>>[2]smbldap_open_connection: ldap://localhost/
>>smbldap_open_connection: connection opened
>>ldap_connect_system: Binding to ldap server ldap://localhost/ as 
>>"cn=Manager,dc=company,dc=com"
>>ldap_connect_system: succesful connection to the LDAP server
>>The LDAP server is succesfully connected
>>ldapsam_getsampwnam: Unable to locate user [username] count=0
>>Finding user username
>>Trying _Get_Pwnam(), username as lowercase is username
>>Get_Pwnam_internals did find user [username]!
>>pdb_set_username: setting username username, was
>>element 12 -> now SET
>>pdb_set_full_name: setting full name User Name, was
>>element 13 -> now SET
>>pdb_set_unix_homedir: setting home dir /home/username, was NULL
>>element 22 -> now SET
>>pdb_set_domain: setting domain SKYWALKER, was
>>element 14 -> now DEFAULT
>>pdb_set_user_sid: setting user sid 
>>S-1-5-21-2472404719-3990724825-3229645963-3008
>>element 18 -> now SET
>>pdb_set_user_sid_from_rid:
>>       setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008 from rid 3008
>>smbldap_search: base => [dc=company,dc=com], filter => 
>>[(&(objectClass=sambaGroupMapping)(gidNumber=1004))], scope => [2]
>>smbldap_open: already connected to the LDAP server
>>ldapsam_getgroup: Did not find group
>>pdb_set_group_sid: setting group sid 
>>S-1-5-21-2472404719-3990724825-3229645963-3009
>>element 19 -> now SET
>>pdb_set_group_sid_from_rid:
>>       setting group sid S-1-5-21-2472404719-3990724825-3229645963-3009 from rid 3009
>>Home server: skywalker
>>pdb_set_profile_path: setting profile path \\skywalker\username\profile, was
>>element 2 -> now DEFAULT
>>Home server: skywalker
>>pdb_set_homedir: setting home dir \\skywalker\username, was
>>element 1 -> now DEFAULT
>>pdb_set_dir_drive: setting dir drive , was NULL
>>element 3 -> now DEFAULT
>>pdb_set_logon_script: setting logon script , was
>>element 4 -> now DEFAULT
>>element 20 -> now DEFAULT
>>pdb_init_sam_new: no RID specified.  Generating one via old algorithm
>>pdb_set_user_sid: setting user sid 
>>S-1-5-21-2472404719-3990724825-3229645963-3008
>>element 18 -> now SET
>>pdb_set_user_sid_from_rid:
>>       setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008 from rid 3008
>>element 20 -> now CHANGED
>>element 20 -> now CHANGED
>>element 33 -> now CHANGED
>>element 32 -> now CHANGED
>>element 11 -> now CHANGED
>>element 21 -> now CHANGED
>>account_policy_get: maximum password age:-1
>>element 10 -> now CHANGED
>>account_policy_get: minimum password age:0
>>element 9 -> now CHANGED
>>account_policy_get: password history:0
>>element 34 -> now CHANGED
>>smbldap_search: base => [dc=company,dc=com], filter => 
>>[(&(uid=username)(objectclass=sambaAccount))], scope => [2]smbldap_open: already connected to the LDAP server
>>element 18: SET
>>smbldap_search: base => [dc=company,dc=com], filter => 
>>[(&(rid=3008)(objectclass=sambaAccount))], scope => [2]
>>smbldap_open: already connected to the LDAP server
>>smbldap_search: base => [dc=company,dc=com], filter => [(uid=username)], scope => [2]
>>smbldap_open: already connected to the LDAP server
>>ldapsam_add_sam_account: Adding new user
>>element 12: SET
>>init_ldap_from_sam: Setting entry for user: username
>>element 18: SET
>>element 19: SET
>>element 13: SET
>>element 23: DEFAULT
>>element 23: DEFAULT
>>element 24: DEFAULT
>>element 24: DEFAULT
>>element 26: DEFAULT
>>element 26: DEFAULT
>>element 1: DEFAULT
>>element 1: DEFAULT
>>element 3: DEFAULT
>>element 3: DEFAULT
>>element 4: DEFAULT
>>element 4: DEFAULT
>>element 2: DEFAULT
>>element 2: DEFAULT
>>element 5: DEFAULT
>>element 5: DEFAULT
>>element 6: DEFAULT
>>element 6: DEFAULT
>>element 7: DEFAULT
>>element 7: DEFAULT
>>element 9: SET
>>element 9: CHANGED
>>element 9: SET
>>element 9: CHANGED
>>element 10: SET
>>element 10: CHANGED
>>element 10: SET
>>element 10: CHANGED
>>element 32: SET
>>element 32: CHANGED
>>element 32: SET
>>element 32: CHANGED
>>element 33: SET
>>element 33: CHANGED
>>element 33: SET
>>element 33: CHANGED
>>element 34: SET
>>element 34: CHANGED
>>element 34: SET
>>element 34: CHANGED
>>account_policy_get: password history:0
>>element 21: SET
>>element 21: CHANGED
>>element 21: SET
>>element 21: CHANGED
>>element 27: DEFAULT
>>element 27: DEFAULT
>>element 20: SET
>>element 20: CHANGED
>>element 20: SET
>>element 20: CHANGED
>>element 29: DEFAULT
>>element 29: DEFAULT
>>smbldap_add: dn => [uid=username,ou=People,dc=company,dc=com]
>>smbldap_open: already connected to the LDAP server
>>ldapsam_modify_entry: Failed to add user dn= 
>>uid=company,ou=People,dc=company,dc=com with: Undefined attribute type
>>       rid: attribute type undefined
>>ldapsam_add_sam_account: failed to modify/add user with uid = username (dn = uid=username,ou=People,dc=company,dc=com)
>>Failed to add entry for user username.
>>Failed to modify password entry for user username
>>
>>
>>
>>
> 
> 
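
The debug output quoted in this thread is hard to follow once the mail client has re-wrapped and re-quoted it. The Python sketch below is an added example, not part of the original posts and not Samba code: it strips the quote markers, rejoins wrapped lines, and extracts the LDAP search filters, lookup misses, add attempts and `ldapsam_modify_entry` failures. `SAMPLE` is constructed from lines of the log above, and the names `flatten` and `triage` are hypothetical.

```python
import re

# Constructed sample: lines taken from the smbpasswd -D 256 output quoted in
# this thread, keeping the mail client's ">>" prefixes and line wrapping.
SAMPLE = """\
>>smbldap_search: base => [dc=company,dc=com], filter =>
>>[(&(uid=username)(objectclass=sambaAccount))], scope =>
>>[2]smbldap_open_connection: ldap://localhost/
>>ldapsam_getsampwnam: Unable to locate user [username] count=0
>>ldapsam_add_sam_account: Adding new user
>>smbldap_add: dn => [uid=username,ou=People,dc=company,dc=com]
>>ldapsam_modify_entry: Failed to add user dn=
>>uid=company,ou=People,dc=company,dc=com with: Undefined attribute type
>>       rid: attribute type undefined
"""

SEARCH = re.compile(
    r"smbldap_search: base => \[(.*?)\], filter => \[(.*?)\], scope => \[(\d+)\]")
MISS = re.compile(r"ldapsam_getsampwnam: Unable to locate user \[(.*?)\] count=(\d+)")
ADD = re.compile(r"smbldap_add: dn => \[(.*?)\]")
# The reason text ends where the next "word:" token (or the end of input) begins.
FAIL = re.compile(
    r"ldapsam_modify_entry: Failed to add user dn= ?(\S+) with: (.+?)(?= \S+:|$)")


def flatten(quoted_log):
    """Strip mail quote markers and indentation, then undo the line wrapping."""
    lines = (re.sub(r"^[>\s]+", "", ln).rstrip() for ln in quoted_log.splitlines())
    return " ".join(ln for ln in lines if ln)


def triage(quoted_log):
    """Return the LDAP operations and failures found in a quoted debug log."""
    text = flatten(quoted_log)
    return {
        # Filters show which objectclass the backend expects to find.
        "searches": [m.group(2) for m in SEARCH.finditer(text)],
        # A count of 0 here is what precedes "Adding new user" in the log.
        "misses": [(m.group(1), int(m.group(2))) for m in MISS.finditer(text)],
        "adds": ADD.findall(text),
        # (dn, reason) pairs, e.g. "Undefined attribute type" or "Already exists".
        "failures": FAIL.findall(text),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```
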


