[Samba] Re: Help with user/domain Management fm Windows side

Jim C. jcllings at gmail.com
Mon Jun 6 17:40:03 GMT 2005

Hash: SHA1

> if you don't want to bother researching what version of smbldap-tools
> anyone to say is there?

Actually this was a problem but not my fault.

Because of the infamous "rpm hell" and various changes in Samba and
smbldap-tools (i.e. the underlying perl libraries were a problem ) I was
unable to upgrade without upgrading my entire OS.  I had to wait until I
had a suitably large block of time available for this project.

OK, so I've finally been able to do this and I've still got the same old
trouble. I have to say that I am not sure of the perms on the
smbldap-tools.  They don't look like they did in previous releases.  As
I recall some of them belonged to to the adm group. At the same time, I
can't think of a reason why this setup wouldn't work with "other" set to

So, anyway the new stuff is:

[root at enigma samba]# rpm -qa | grep samba; rpm -qa | grep smbldap-tools-0

[root at enigma samba]# testparm | grep smbldap
Load smb config files from /etc/samba/smb.conf
Processing section "[apps]"
Processing section "[public]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions

        add user script = /usr/sbin/smbldap-useradd -m '%u'
        delete user script = /usr/sbin/smbldap-userdel '%u'
        add group script = /usr/sbin/smbldap-groupadd '%g' &&
/usr/sbin/smbldap-groupshow %g|awk '/^gidNumber:/ {print $2}'
        delete group script = /usr/sbin/smbldap-groupdel '%g'
        add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
        delete user from group script = /usr/sbin/smbldap-groupmod -x
'%u' '%g'
        set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
        add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null
- -c 'Machine Account' -s /bin/false '%u'

Perms for these scripts are:

[root at enigma samba]# ls -l /usr/sbin/smbldap-useradd
/usr/sbin/smbldap-userdel /usr/sbin/smbldap-groupadd
/usr/sbin/smbldap-groupshow /usr/sbin/smbldap-groupdel
/usr/sbin/smbldap-groupmod /usr/sbin/smbldap-groupmod
/usr/sbin/smbldap-usermod /usr/sbin/smbldap-useradd
- -rwxr-xr-x  1 root root  5379 Feb 17 01:21 /usr/sbin/smbldap-groupadd*
- -rwxr-xr-x  1 root root  2473 Feb 17 01:21 /usr/sbin/smbldap-groupdel*
- -rwxr-xr-x  1 root root  8550 Feb 17 01:21 /usr/sbin/smbldap-groupmod*
- -rwxr-xr-x  1 root root  8550 Feb 17 01:21 /usr/sbin/smbldap-groupmod*
- -rwxr-xr-x  1 root root  2009 Feb 17 01:21 /usr/sbin/smbldap-groupshow*
- -rwxr-xr-x  1 root root 17900 Feb 17 01:21 /usr/sbin/smbldap-useradd*
- -rwxr-xr-x  1 root root 17900 Feb 17 01:21 /usr/sbin/smbldap-useradd*
- -rwxr-xr-x  1 root root  3244 Feb 17 01:21 /usr/sbin/smbldap-userdel*
- -rwxr-xr-x  1 root root 18928 Feb 17 01:21 /usr/sbin/smbldap-usermod*

Other things I need verified:

Do I have the right client?  I'm using Windows XP and the Active
Directory snap in for users and groups does not seem to be available.
My supposition is that it is a for-pay item. Consequently, I downloaded
the one from NT and that hasn't been working for me either. Anybody got
a clue for me here?

Jim C.
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the samba mailing list