[Samba] samba machine accounts problem

Sven Buchstaller ask at quickline.de
Wed Apr 15 14:37:24 GMT 2009 

Hi Ray

thx for helping, my config on opensuse 10.2

cat /etc/ldap.conf |grep nss_ |grep -v ^#

nss_initgroups_ignoreusers      root,ldap
nss_schema      rfc2307bis
nss_map_attribute       uniqueMember member
nss_base_passwd ou=users,dc=server,dc=intern
nss_base_shadow dc=server,dc=intern
nss_base_group  ou=groups,dc=server,dc=intern

cat /etc/nsswitch.conf

passwd: 	compat
group:  	compat

hosts:  	files dns
networks:       files dns

services:       files ldap
protocols:      files
rpc:    	files
ethers: 	files
netmasks:       files
netgroup:       files ldap
publickey:      files

bootparams:     files
automount:      files nis
aliases:        files ldap
passwd_compat:  ldap
group_compat:   ldap

only ou=users, need i a second one for hosts? can i do this belated?

-------- Weitergeleitete Nachricht --------
Von: Ray Klassen <rayklassen at gmail.com>
An: Sven Buchstaller <ask at quickline.de>
Kopie: samba at lists.samba.org
Betreff: Re: [Samba] samba machine accounts problem
Datum: Wed, 15 Apr 2009 06:13:21 -0700

/etc/ldap.conf

are you including a line like
nss_base_passwd         ou=hosts,dc=server,dc=intern?one

/etc/nsswitch.conf

does it include the following?

passwd:     files ldap
shadow:     files ldap
group:      files ldap

This is how machine accounts in ldap become 'unix accounts' or that's
the way I do it...


On Tue, Apr 14, 2009 at 11:31 PM, Sven Buchstaller <ask at quickline.de> wrote:
> Hi list
>
> samba3-3.0.31-36
> openldap2-2.3.43-1.1
>
> my problem is i have stop my working openldap and restart it again, in
> the Log i see now = pdb_get_group_sid: Failed to find Unix account
> for ... a lot of machine accounts.
> Whats wrong? i must now all accounts rejoin to domain?
>
> example from a host
>
> # bart$, hosts, server.intern
> dn: uid=bart$,ou=hosts,dc=server,dc=intern
> objectClass: sambaSamAccount
> objectClass: posixAccount                <---unix account ?
> objectClass: account
> sambaDomainName: srv01
> displayName: bart
> sambaPrimaryGroupSID: S-1-5-21-3991578539-3149662252-1894531253-515
> sambaSID: S-1-5-21-3991578539-3149662252-1894531253-101524
> gidNumber: 515
> loginShell: /bin/false
> homeDirectory: /dev/null
> uid: bart$
> cn: bart
> uidNumber: 50262
> sambaPwdCanChange: 1196710001
> sambaPwdMustChange: 1204486001
> sambaAcctFlags: [WX         ]
> sambaPwdLastSet: 1238649797
>
> # search result
> search: 2
> result: 0 Success
>
>
>
>
> mfg sven
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list