[Samba] strange error 1937

Mario Gzuk mariogzuk at technikz.de
Thu Sep 22 08:44:30 GMT 2005


Hi,
After configuring and populating I try to add the accounts from a NT4
domain.
The "net rpc samdump -S SERVERNAME" works as expected.
I can see the Password hashes and all computers and users.
After that I try to NET VAMPIRE.....
The groups were added fine but for each computer and user account I get
this error:

...passdb/pdb_ldap.c:ldapsam_add_sam_account(1937)
ldapsam_add_sam_account: failed to modify/add user with uid = .....

the normal smbldap-useradd works also as expected. I try all findable
documentation and searched for this error but found nothing. I try it
with samba 3.0.13 and 3.0.14 / smbldap-tools 0.9.0 and 0.9.1 with the
same result....


---SNIP---------------------------------------------------------------------------------
The ldap log tell me:
.... conn=2 op=94 SRCH base="dc=example,dc=com" scope=2 deref=0
filter="(&(objectClass=posixAccount)(uid=user2))"
.... conn=2 op=94 SRCH attr=uid userPassword uidNumber gidNumber cn
homeDirectory loginShell gecos description objectClass
.... conn=2 op=94 SEARCH RESULT tag=101 err=0 nentries=1 text=
.... conn=1 op=186 SRCH base="dc=example,dc=com" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-123456789-123456789-123456789-1003)(objectClass=sambaSamAccount))"
.... conn=1 op=186 SRCH attr=uid uidNumber gidNumber homeDirectory
sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime
sambaLogoffTime sambaKickoffTime cn displayName sambaHomeDrive
sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags
sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime
sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp
.... conn=1 op=186 SEARCH RESULT tag=101 err=0 nentries=0 text=
.... conn=1 op=187 SRCH base="dc=example,dc=com" scope=2 deref=0
filter="(&(&(objectClass=sambaSamAccount)(uid=user2))(objectClass=sambaSamAccount))"
.... conn=1 op=187 SRCH attr=uid uidNumber gidNumber homeDirectory
sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime
sambaLogoffTime sambaKickoffTime cn displayName sambaHomeDrive
sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags
sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime
sambaPasswordHistory modifyTimestamp sambaLogonHours
.... conn=1 op=187 SEARCH RESULT tag=101 err=0 nentries=0 text=
.... conn=1 op=188 SRCH base="dc=example,dc=com" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-123456789-123456789-123456789-1003)(objectClass=sambaSamAccount))"
.... conn=1 op=188 SRCH attr=uid uidNumber gidNumber homeDirectory
sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime
sambaLogoffTime sambaKickoffTime cn displayName sambaHomeDrive
sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags
sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime
sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp
.... conn=1 op=188 SEARCH RESULT tag=101 err=0 nentries=0 text=
.... conn=1 op=189 SRCH base="dc=example,dc=com" scope=2 deref=0
filter="(&(objectClass=sambaSamAccount)(uid=user2))"
.... conn=1 op=189 SRCH attr=uid uidNumber gidNumber homeDirectory
sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime
sambaLogoffTime sambaKickoffTime cn displayName sambaHomeDrive
sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags
sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime
sambaPasswordHistory modifyTimestamp sambaLogonHours
.... conn=1 op=189 SEARCH RESULT tag=101 err=0 nentries=0 text=
.... conn=1 op=190 SRCH base="dc=example,dc=com" scope=2 deref=0
filter="(&(sambaSID=s-1-5-21-123456789-123456789-123456789-1003)(|(objectClass=sambaIdmapEntry)(objectClass=sambaSidEntry)))"
.... conn=1 op=190 SRCH attr=uid uidNumber gidNumber homeDirectory
sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime
sambaLogoffTime sambaKickoffTime cn displayName sambaHomeDrive
sambaHomePath sambaLogonScript sambaProfilePath description
sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword
sambaNTPassword sambaDomainName objectClass sambaAcctFlags
sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime
sambaPasswordHistory modifyTimestamp sambaLogonHours
.... conn=1 op=190 SEARCH RESULT tag=101 err=0 nentries=0 text=
.... conn=1 op=191 ADD dn="uid=user2,dc=example,dc=com"
.... conn=1 op=191 RESULT tag=105 err=68 text=èV^W^H^X^V.A
\204î,@^P3^W^HDx,@Øÿÿÿ\234^[.A\210x8 at 0L^I^H\210x8@^H^V.A at x8@^HY^W^H^C
--SNAP-------------------------------------------------------------------

This is the add user script:
add user script = smbldap-useradd "%u"

I take a look at the pdb_ldap.c and the error seems to be produced in
the following lines:

	ret = ldapsam_modify_entry(my_methods,newpwd,dn,mods,ldap_op,
element_is_set_or_changed);
	if (!NT_STATUS_IS_OK(ret)) {
		DEBUG(0,("ldapsam_add_sam_account: failed to modify/add user with uid
= %s (dn = %s)\n",
			 pdb_get_username(newpwd),dn));
		ldap_mods_free(mods, True);
		return ret;
	}


Can someone help me with this?

thank you

greetings mario gzuk



More information about the samba mailing list