[Samba] Idealx Add Machine

John H Terpstra jht at samba.org
Fri Oct 21 16:25:25 GMT 2005


On Friday 21 October 2005 10:10, Thomas M. Skeren III wrote:
> Really frustrated here.  After some tweaking I was able to get the
> smbldap-useradd script to work for adding samba users.  This was
> resolved editing sambaDomainName=        and adding an Attribute
> objectClass with value sambaUnixIdPool, and Attribute uidNumber and
> Value equal to one greater than the highest uidNumber currently in use.

Thomas,

Have you followed the example in chapter 5 of the book "Samba-3 by Example"?
http://www.samba.org/samba/docs/Samba3-ByExample.pdf

If you can point me to any step that does not work I will gladly work with you 
to fix it.

Adding a machine account on the fly by calling the "add machine script" should 
create only the POSIX system user account for the machine. Samba will 
create/add the SambaSAMAccount part.

All domain member accounts must be capable of being resolved via NSS. In other 
words, executing "getent passwd" must list the machine accounts, and these 
must have a valid UID.

Have you followed the diagnostic information in section 5.1.3.7 of the above 
documentation?

If the documentation does not help to solve your problem then it must be 
rewritten so that it can be used by others who are having your problem. 
Please help me to fix any weaknesses in the documentation by giving us 
approapriate feedback.

What version of Samba are you using? What is your OS platform?

- John T.


>
> However smbldap-useradd -w <machinename> continues to produce garbage,.
> This is what is being created when the script is run:
>
> dn: uid=testor2$, ou=computers, dc=fsklaw,dc=com
> sn: testor2$
> loginShell: /bin/false
> uidNumber: 1110
> gidNumber: 553
> objectClass: top
> objectClass: inetOrgPerson
> objectClass: posixAccount
> uid: testor2$
> gecos: Computer
> cn: testor2$
> homeDirectory: /dev/null
> description: Computer
>
> This is, clearly, not going to work as a working machine account
> contains the following:
>
> dn: uid=debbie$, ou=computers, dc=fsklaw,dc=com
> sambaPwdLastSet: 111111111
> sn: debbie$
> sambaAcctFlags: [W          ]
> loginShell: /bin/false
> uidNumber: 1003
> gidNumber: 553
> displayName: Debbie LeBeau
> sambaPwdMustChange: 22222222
> uid: debbie$
> objectClass: top
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: sambaSamAccount
> sambaSID: S-1-5-
> cn: debbie$
> homeDirectory: /dev/null
> sambaNTPassword: 537xxxxxxxxxxxxxxxxxxxxxxxx
> sambaPwdCanChange: 111111111
> description: Computer
> sambaPrimaryGroupSID: S-1-
>
> Does anyone have any insight here?  Adding new machines manually is just
> painful.


More information about the samba mailing list