[Samba] Samba/LDAP Question

Hector Blanco white.lists at gmail.com
Wed Feb 27 21:02:42 GMT 2008 

Ehm... just to make sure... could anybody who has LDAP+Samba working
send the ldif definition of what he has as a "machine"?

I've got this as a machine:
------------------------------------
dn: uid=enano$,ou=Hosts,dc=jome
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
cn: enano$
sn: enano$
uid: enano$
uidNumber: 1007
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
structuralObjectClass: inetOrgPerson
entryUUID: 0cd59f8e-79a9-102c-8d64-8b73cc15be28
creatorsName: cn=admin,dc=jome
createTimestamp: 20080227175622Z
entryCSN: 20080227175622Z#000001#00#000000
modifiersName: cn=admin,dc=jome
modifyTimestamp: 20080227175622Z
entryDN: uid=enano$,ou=Hosts,dc=jome
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
-------------------------------------

and I don't see any "samba" thing in here... Is that fine?

Thanks!!



2008/2/27, Frank J. Pellegrino <frank.pellegrino at sju.edu>:
> If your solaris box is setup as an LDAP client you can add a search
>  descriptor with the ldapclient command.
>  Below is an example of what we changed to make joining the domain work on
>  the first try.
>
>  NS_LDAP_SERVICE_SEARCH_DESC= passwd: ou=computers,o=sju.edu;ou=People,o=sju.edu
>
>
>
>
>  At 03:13 PM 2/27/2008, Hector Blanco wrote:
>  >Mmmm..If I understood properly, I'm afraid I can just say... "Welcome
>  >to the club, mate":
>  >
>  >Take a look to this:
>  >http://lists.samba.org/archive/samba/2008-February/138639.html
>  >http://lists.samba.org/archive/samba/2008-February/138442.html
>  >
>  >May it be a bug??  Is the same thing that is happeing to you?
>  >
>  >Regards
>  >
>  >2008/2/4, Frank J. Pellegrino <frank.pellegrino at sju.edu>:
>  > > We have just setup Samba 3.0.28 with LDAP support.  We are using a Sun One
>  > >  5.2 LDAP server.
>  > >
>  > >  We are having a problem when a new machine joins the domain.
>  > >  Here is a snippet of our smb.conf file
>  > >    add machine script = /usr/local/sbin/smbldap-useradd -w "%m"
>  > >    ldap machine suffix = ou=computers
>  > >    ldap user suffix = ou=People
>  > >
>  > >  When a new machine attempts to join the domain a new entry is created in
>  > >  ou=computers as expected.  This entry has only the posixAccount
>  > information
>  > >  and no Samba info.  However, the machine reports that it failed to
>  > join the
>  > >  domain.  Log entries on both samba and LDAP tell me that after the
>  > entry is
>  > >  created, samba is trying to find that entry in ou=people instead of
>  > >  ou=computers.
>  > >
>  > >  Attempting to add the machine again gives us an error that the machine
>  > >  already exists.
>  > >
>  > >  I modified smbldap-useradd to include the sambaSamAccount information when
>  > >  the entry is created.  The first attempt to join the domain still fails,
>  > >  however trying again succeeds.
>  > >
>  > >  In another test, I removed the modifications from smbldap-useradd and
>  > >  modified the smbldap.conf file so that it thought the machines container
>  > >  was ou=people.  With this change the new machine was able to join the
>  > >  domain on the first try.  The problem here is that we don't want the
>  > >  machines mixed in with the users.
>  > >
>  > >  So from this I determined that after creating the new entry for the
>  > >  machine, Samba then goes and looks for that entry in ou=people instead of
>  > >  ou=computers.  My guess is that there is a bug in the code that looks at
>  > >  the wrong configuration entry.
>  > >
>  > >  I have tried looking through the C code on my own.  I'm only familiar with
>  > >  C so I haven't made as much progress as I'd like.
>  > >
>  > >  Is this a known bug?  Is it possible that we have a configuration wrong
>  > >  somewhere?
>  > >
>  > >  Can anyone point me to the correct C file so I can try and fix this?
>  > >
>  > >  I'd appreciate any help I can get.
>  > >
>  > >  Thanks.
>  > >
>  > >
>  > >
>  > >  --
>  > >  To unsubscribe from this list go to the following URL and read the
>  > >  instructions:  https://lists.samba.org/mailman/listinfo/samba
>  > >
>  >--
>  >To unsubscribe from this list go to the following URL and read the
>  >instructions:  https://lists.samba.org/mailman/listinfo/samba
>
>
>
>

More information about the samba mailing list