[Samba] smbldap and samba as a PDC

Adam Williams awilliam at mdah.state.ms.us
Fri Mar 20 13:55:53 GMT 2009


i never could get smbldaptools to work properly (on fedora and centos), 
i always got various perl errors.  i just create the machine accounts by 
hand.

LiPi - wrote:
> Hi people, I have a problem with samba, openldap and the creation of machine
> accounts.
> I don't know if here is a good place to ask but I don't receive help in
> other places.. I read many guides, howto's, etc. but
> I can't get around with the solution...
>
>  I have seen an older message to another list (mail.gna.org) asking for the
> same problem that I have, it was:
>
>    - [Smbldap-tools-tech] Problem creating machine
> accounts<https://mail.gna.org/public/smbldap-tools-tech/2008-09/msg00001.html>,
>    *Jonathan Warrington   (September 24, 2008 - 19:24)*
>
> I didn't know if Jonathan received a response, but I have two problems, one
> is exactly the same that's described there, and the other is explained as
> follows:
>
> I have samba + ldap PDC with smbldap-tools, and when I try to join the
> domain I get these error:
>
> root at patata:/# net rpc join -U administrador
>   Password:
>   Creation of workstation account failed
>   Unable to join domain TESTING.
>
>   If I take a look to the logs...:
>   2009/03/19 20:18:42, 0] passdb/pdb_interface.c:pdb_
> default_create_user(329)
>    _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w
> patata$' gave 127
>
>  Then manually, smbldap-useradd -w patata$:
>   Error: modifications require authentication at /usr/share/perl5/
> smbldap_tools.pm line 1083.
>
>   And if I create the machine account from phpldapadmin, it works perfectly.
>
>   What can I do? I tried:
>    net -U administrador%XXXX rpc rights grant 'TESTING\smbadmins'
> SeMachineAccountPrivilege,
>
>    also tried to modify smbldap.conf and smbldap_bind.conf, and I got
> nothing...
>
>   I followed many howto's and surelly there is something that i'm not
> understanding, but I don't know what. Any suggestion would surely be
> helpful.
>
> getent passwd and getent group works well. If I try to add a machine account
> from phpldapadmin, all goes right.
>
> This is my smbldap config:
> http://pastebin.ca/1365687
>
> And this my smb.conf:
> http://pastebin.ca/1365698
>
>
> Thank you all.
>
> LiPi
>   


More information about the samba mailing list