[Samba] Samba/LDAP Question

Frank J. Pellegrino frank.pellegrino at sju.edu
Wed Feb 27 20:22:45 GMT 2008 

If your solaris box is setup as an LDAP client you can add a search 
descriptor with the ldapclient command.
Below is an example of what we changed to make joining the domain work on 
the first try.

NS_LDAP_SERVICE_SEARCH_DESC= passwd: ou=computers,o=sju.edu;ou=People,o=sju.edu



At 03:13 PM 2/27/2008, Hector Blanco wrote:
>Mmmm..If I understood properly, I'm afraid I can just say... "Welcome
>to the club, mate":
>
>Take a look to this:
>http://lists.samba.org/archive/samba/2008-February/138639.html
>http://lists.samba.org/archive/samba/2008-February/138442.html
>
>May it be a bug??  Is the same thing that is happeing to you?
>
>Regards
>
>2008/2/4, Frank J. Pellegrino <frank.pellegrino at sju.edu>:
> > We have just setup Samba 3.0.28 with LDAP support.  We are using a Sun One
> >  5.2 LDAP server.
> >
> >  We are having a problem when a new machine joins the domain.
> >  Here is a snippet of our smb.conf file
> >    add machine script = /usr/local/sbin/smbldap-useradd -w "%m"
> >    ldap machine suffix = ou=computers
> >    ldap user suffix = ou=People
> >
> >  When a new machine attempts to join the domain a new entry is created in
> >  ou=computers as expected.  This entry has only the posixAccount 
> information
> >  and no Samba info.  However, the machine reports that it failed to 
> join the
> >  domain.  Log entries on both samba and LDAP tell me that after the 
> entry is
> >  created, samba is trying to find that entry in ou=people instead of
> >  ou=computers.
> >
> >  Attempting to add the machine again gives us an error that the machine
> >  already exists.
> >
> >  I modified smbldap-useradd to include the sambaSamAccount information when
> >  the entry is created.  The first attempt to join the domain still fails,
> >  however trying again succeeds.
> >
> >  In another test, I removed the modifications from smbldap-useradd and
> >  modified the smbldap.conf file so that it thought the machines container
> >  was ou=people.  With this change the new machine was able to join the
> >  domain on the first try.  The problem here is that we don't want the
> >  machines mixed in with the users.
> >
> >  So from this I determined that after creating the new entry for the
> >  machine, Samba then goes and looks for that entry in ou=people instead of
> >  ou=computers.  My guess is that there is a bug in the code that looks at
> >  the wrong configuration entry.
> >
> >  I have tried looking through the C code on my own.  I'm only familiar with
> >  C so I haven't made as much progress as I'd like.
> >
> >  Is this a known bug?  Is it possible that we have a configuration wrong
> >  somewhere?
> >
> >  Can anyone point me to the correct C file so I can try and fix this?
> >
> >  I'd appreciate any help I can get.
> >
> >  Thanks.
> >
> >
> >
> >  --
> >  To unsubscribe from this list go to the following URL and read the
> >  instructions:  https://lists.samba.org/mailman/listinfo/samba
> >
>--
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list