[Samba] smbldap and samba as a PDC

John H Terpstra - Samba Team jht at samba.org
Fri Mar 20 14:20:31 GMT 2009 

Adam Williams wrote:
> i never could get smbldaptools to work properly (on fedora and centos),
> i always got various perl errors.  i just create the machine accounts by
> hand.

LiPi/Adam,

I have used smbldap-tools since the first version.  This tool is your
friend so long as its dependencies are met.  Where its dependencies are
not met it can be difficult to diagnose what is missing.  Have you
checked the smbldap-tools documentation to see which perl modules are
required?  Have you checked to ensure that these perl modules are
installed on your system?

Did you install the appropriate Linux distro package, or did you install
it by hand?

1) If you elected to install by hand you will have to manually satisfy
all perl module dependencies.  You may have to use: "perl -MCPAN -e
shell" as the means of installing the missing perl modules.

2) If you installed from the official distro packages, please contact
the package maintainer regarding correct procedures to ensure that all
dependencies are met.

I used smbldap-tools in Samba3-ByExample.  Have you checked how it is
used in this book?  I used SUSE Linux in the book, but that is pretty
close to Fedora Core.  Ubuntu can be a little more challenging, suggest
you ask on the ubuntu mailing list.

Cheers,
John T.

> LiPi - wrote:
>> Hi people, I have a problem with samba, openldap and the creation of
>> machine
>> accounts.
>> I don't know if here is a good place to ask but I don't receive help in
>> other places.. I read many guides, howto's, etc. but
>> I can't get around with the solution...
>>
>>  I have seen an older message to another list (mail.gna.org) asking
>> for the
>> same problem that I have, it was:
>>
>>    - [Smbldap-tools-tech] Problem creating machine
>> accounts<https://mail.gna.org/public/smbldap-tools-tech/2008-09/msg00001.html>,
>>
>>    *Jonathan Warrington   (September 24, 2008 - 19:24)*
>>
>> I didn't know if Jonathan received a response, but I have two
>> problems, one
>> is exactly the same that's described there, and the other is explained as
>> follows:
>>
>> I have samba + ldap PDC with smbldap-tools, and when I try to join the
>> domain I get these error:
>>
>> root at patata:/# net rpc join -U administrador
>>   Password:
>>   Creation of workstation account failed
>>   Unable to join domain TESTING.
>>
>>   If I take a look to the logs...:
>>   2009/03/19 20:18:42, 0] passdb/pdb_interface.c:pdb_
>> default_create_user(329)
>>    _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w
>> patata$' gave 127
>>
>>  Then manually, smbldap-useradd -w patata$:
>>   Error: modifications require authentication at /usr/share/perl5/
>> smbldap_tools.pm line 1083.
>>
>>   And if I create the machine account from phpldapadmin, it works
>> perfectly.
>>
>>   What can I do? I tried:
>>    net -U administrador%XXXX rpc rights grant 'TESTING\smbadmins'
>> SeMachineAccountPrivilege,
>>
>>    also tried to modify smbldap.conf and smbldap_bind.conf, and I got
>> nothing...
>>
>>   I followed many howto's and surelly there is something that i'm not
>> understanding, but I don't know what. Any suggestion would surely be
>> helpful.
>>
>> getent passwd and getent group works well. If I try to add a machine
>> account
>> from phpldapadmin, all goes right.
>>
>> This is my smbldap config:
>> http://pastebin.ca/1365687
>>
>> And this my smb.conf:
>> http://pastebin.ca/1365698
>>
>>
>> Thank you all.
>>
>> LiPi
>>   


-- 
John H Terpstra

"If at first you don't succeed, don't go sky-diving!"

More information about the samba mailing list