[Samba] Mis-behavior of ldap.conf regarding nss?

Marcio Merlone marcio.merlone at a1.ind.br
Thu Apr 24 11:35:59 GMT 2008

Adam Tauno Williams escreveu:
>> I run a samba 3.0.26a-1ubuntu2.3 on an Ubuntu 7.10 server with OpenLDAP 
>> both for samba and for posix accounts. Everything runs fine, except for 
>> one problem. I have a ou=People-inactive branch on my ldap server on 
>> wich I store (guess what?) inactive people. I don't want my system to 
>> recognize those entries as valid users, so I set my /etc/ldap.conf as 
>> follows:
>> nss_base_passwd         ou=People,dc=a1,dc=ind?one
>> The problem arose when I tried to add a new machine to the domain. The 
>> smbldap-useradd script is able to add the machine entry on ldap, but the 
>> whole process fails with "User not found" (translated from the 
>> Portuguese message) on the adding workstation. After googling for about 
>> 3 hours without success, I found that if I just comment out the 
>> nss_base_* entries, everything works as expected and am able to join a 
>> machine to the domain.
> Does your script create the machine account object in ou=People?  You've
> verified the object is created at all and you can successfully "id
> {machine}$"?
No, it gets created in ou=Host. Isn't it supposed to be this way?

Marcio Merlone

More information about the samba mailing list