[Samba] Unable to add computer to domain

Wesley Hobbie wslyhbb at yahoo.com
Tue Mar 14 03:21:13 GMT 2006 

I did a search on Google and all I found was a bunch of copies of a
conversation between Fran Fabrizio and John H Terpstra, and in the end Fran
did not have the add machine script.

I have the add machine script, that is not the problem, when I try to join
the domain from the Windows server, it does create the account in LDAP and
still fails :-(.  I did look at the server02.log file (log file for my
Windows 2003 Server) and I see the following entries:
[2006/03/13 20:55:40, 0] lib/util_sock.c:matchname(1111)
   sys_gethostbyname(server02): lookup failure.
[2006/03/13 20:55:40, 0] lib/util_sock.c:get_peer_name(1189)
   Matchname failed on server02 172.16.0.11
[2006/03/13 20:55:40, 0] lib/debug.c:reopen_logs(597)
   Unable to open new log file /var/log/samba/server02.log: Permission
denied [2006/03/13 20:55:51, 0] lib/util_sock.c:matchname(1111)
   sys_gethostbyname(server02): lookup failure.
[2006/03/13 20:55:51, 0] lib/util_sock.c:get_peer_name(1189)
   Matchname failed on server02 172.16.0.11
[2006/03/13 20:55:51, 0] lib/debug.c:reopen_logs(597)
   Unable to open new log file /var/log/samba/server02.log: Permission
denied [2006/03/13 20:55:52, 0]
rpc_server/srv_samr_nt.c:_samr_create_user(2404)   _samr_create_user:
Running the command `/usr/sbin/smbldap-useradd -w "server02$"' gave 9  

-----Original Message-----
From: James Taylor [mailto:jtaylor at laszlosystems.com] 
Sent: Monday, March 13, 2006 1:25 PM
To: 'Wesley Hobbie'; craigwhite at azapple.com
Cc: samba at lists.samba.org
Subject: RE: [Samba] Unable to add computer to domain


Wes,

Do a google search on this topic: [Samba] Can't join my domain

You will see what the problem is with the username can't be found.

James

-----Original Message-----
From: samba-bounces+jtaylor=laszlosystems.com at lists.samba.org
[mailto:samba-bounces+jtaylor=laszlosystems.com at lists.samba.org] On Behalf
Of Wesley Hobbie
Sent: Sunday, March 12, 2006 11:14 AM
To: craigwhite at azapple.com
Cc: samba at lists.samba.org
Subject: RE: [Samba] Unable to add computer to domain

Hey Craig,
Actually I found on the Internet that I needed to run smbldap-populate, so I
did and now I can manually add the user, although when I go to my Windows
2003 Server to join the domain I am still having a problem.
 
Wes

-----Original Message-----
From: Wesley Hobbie
Sent: Sunday, March 12, 2006 5:57 PM
To: craigwhite at azapple.com
Cc: samba at lists.samba.org
Subject: RE: [Samba] Unable to add computer to domain

I can connect to LDAP via the command line, and I am using the same user in
smb.conf as I am in smbldap-tools_bind.config.

Excerpt from smb.conf:
passdb backend = ldapsam:ldap://server01.bluemapletech.com
ldap suffix = dc=mydomain,dc=com
ldap machine suffix = ou=Hosts
ldap admin dn = cn=root,dc=mydomain,dc=com
add machine script = /usr/sbin/smbldap-useradd -w "%u"

Excerpt from smbldap.conf:
slaveLDAP="127.0.0.1"
slavePort="389"

masterLDAP="127.0.0.1"
masterPort="389"

ldapTLS="1"
suffix="dc=mydomain,dc=com"
usersdn="ou=People,${suffix}"
computersdn="ou=Hosts,${suffix}"

with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"  (I am wondering if this is right?)

with_slappasswd="0"
slappasswd="/usr/sbin/slappasswd"

Excerpt from smbldap_bind.conf:
slaveDN="cn=root,dc=mydomain,dc=com"
slavePw="**********"
masterDN="cn=root,dc=mydomain,dc=com"
masterPw="**********"

Actually, I while I was copying the info from the files I noticed I
mispelled my domain name, so I fixed it and tried it again.  Now I do not
get an error about it cannot contact the LDAP server, only that it could not
find the next uid, "Error looking for next uid."

-----Original Message-----
From: Craig White [mailto:craigwhite at azapple.com] 
Sent: Sunday, March 12, 2006 11:25 AM
To: Wesley Hobbie
Cc: samba at lists.samba.org
Subject: RE: [Samba] Unable to add computer to domain


I'm going to ignore other users problems since they may or may not have
similarities to your issues.

Can you actually connect to your LDAP server from the command line?

Can you actually connect to your LDAP server from the command line with
'write' permissions as the user and parameters as indicated within smb.conf
?

Can you actually connect to your LDAP server from the command line with
'write' permissions as the user and parameters as indicated within
smbldap-tools_bind.conf ?

Craig

On Sun, 2006-03-12 at 10:57 -0600, Wesley Hobbie wrote:
> Ok, I did not know that.  I modified the two files in the 
> /etc/smbldap-tools folder, although I am still getting the same error.
> 
> I looked at the Samba archive for March and I notice some other people 
> seem to be having the same issue. March 2 - Bevan Agard
> March 6 - Hakan BAYINDIR
> 
> I try to add my Windows 2003 Server to the domain and I get an error 
> that the user name could not be found.  That is when I tried to 
> manually execute the command that Samba is instructed to use when 
> adding a machine, which is when I got the error about it cannot 
> contact the LDAP server.
> 
> -----Original Message-----
> From: Craig White [mailto:craigwhite at azapple.com]
> Sent: Saturday, March 11, 2006 11:35 AM
> To: samba at lists.samba.org
> Subject: Re: [Samba] Unable to add computer to domain
> 
> 
> On Sat, 2006-03-11 at 11:10 -0600, Wesley Hobbie wrote:
> > I have an OpenLDAP backend, Samba knows how to talk to it, my Samba
> > users are stored in LDAP and file shares work fine authenticating to 
> > the LDAP server. I tried executing smbldap-useradd -w server02 on the 
> > command-line and got the following error:
> > failed to perform search; Can't contact LDAP server at
> > /usr/lib/perl5/vendor_perl/5.8.7/smbldap_tools.pm line 362, <DATA> line
> 283.
> > Error looking for next uid at 
> > /usr/lib/perl5/vendor_perl/5.8.7/smbldap_tools.pm line 993, <DATA> 
> > line
> 283.
> >  
> > Anyone have any ideas?
> ----
> sounds as though you've been using tools other than smbldap to setup 
> user accounts, etc.
> 
> smbldap has to be configured to talk to your LDAP server if you expect 
> it to work.
> 
> depending upon which version of smbldap you are using, your config 
> files will be in various places but I think the current place is 
> /etc/smbldap-tools directory these days.
> 
> Craig
> 
> 
>

More information about the samba mailing list