[Samba] SAMBA3 + LDAP = PDC => ROUND 4 ;o)

John H Terpstra jht at samba.org
Mon Mar 21 17:02:21 GMT 2005 

On Monday 21 March 2005 09:45, benjamin.dupuis at armorarena-fr.com wrote:
> Okay
>
> I try this thing :
> mastok:/etc/samba # smbldap-useradd root
> mastok:/etc/samba # smbldap-usermod -u 0 -g 0 root
> mastok:/etc/samba # smbldap-usermod -a root
> mastok:/etc/samba # smbldap-passwd root
> #####
> Administrator:x:998:512:Netbios Domain
> Administrator:/home/data1/samba/Administrator:/sbin/nologin
> nobody:x:999:514:nobody:/dev/null:/sbin/nologin
> root:x:0:0:System User:/home/data1/samba/root:/sbin/nologin
> #####
> Connecting to the domain with account root.
> Computer Accout created :
> poil-barebone$:x:1005:515:Computer:/dev/null:/sbin/nologin
> But Access Deny on my Windows computer :(
>
>  check_ntlm_password:  authentication for user [root] -> [root] ->
> [root] succeeded
> [2005/03/21 17:38:14, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
>   Returning domain sid for domain ARZUR-NT ->
> S-1-5-21-1874299889-3982645529-2160850509
> [2005/03/21 17:38:14, 2] passdb/pdb_ldap.c:init_group_from_ldap(2057)
>   init_group_from_ldap: Entry found for group: 515
> [2005/03/21 17:38:14, 2] passdb/pdb_ldap.c:init_ldap_from_sam(929)
>   init_ldap_from_sam: Setting entry for user: poil-barebone$
> [2005/03/21 17:38:14, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1552)
>   ldapsam_modify_entry: Failed to modify user dn=
> uid=poil-barebone$,ou=Computers,dc=arzur,dc=local with: Insufficient access
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

It would appear that your Samba configuration does not permit write access to 
the LDAP server. Did you set the LDAP admin password? This is done using:

	smbpasswd -w 'secret'

- John T.

>
> [2005/03/21 17:38:14, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1994)
>   ldapsam_add_sam_account: failed to modify/add user with uid =
> poil-barebone$ (dn = uid=poil-barebone$,ou=Computers,dc=arzur,dc=local)
> [2005/03/21 17:38:14, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2272)
>   could not add user/computer poil-barebone$ to passdb.  Check permissions?
> [2005/03/21 17:38:15, 2] smbd/server.c:exit_server(575)

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.

More information about the samba mailing list