[Samba] smbldap and samba as a PDC

Wikked one wikked1 at hotmail.com
Fri Mar 20 16:16:35 GMT 2009


LiPi,
       I too have user smbldap-tools with good success.
There is a nice little installer package (smbldap-configure) 
that simplifies this process a little bit...
you can find a version that may be suitable for use here
http://majen.net/smbldap/

On another note this looks vaguely familiar and I think it's related to the SID in
one of the smbldap.conf  or the smbldap_bind.conf files...but that's pure guess on my part but it might be worth
confirming your SID matches in all your config files.



> Date: Fri, 20 Mar 2009 09:20:31 -0500
> From: jht at samba.org
> To: awilliam at mdah.state.ms.us
> Subject: Re: [Samba] smbldap and samba as a PDC
> CC: samba at lists.samba.org
> 
> Adam Williams wrote:
> > i never could get smbldaptools to work properly (on fedora and centos),
> > i always got various perl errors.  i just create the machine accounts by
> > hand.
> 
> LiPi/Adam,
> 
> I have used smbldap-tools since the first version.  This tool is your
> friend so long as its dependencies are met.  Where its dependencies are
> not met it can be difficult to diagnose what is missing.  Have you
> checked the smbldap-tools documentation to see which perl modules are
> required?  Have you checked to ensure that these perl modules are
> installed on your system?
> 
> Did you install the appropriate Linux distro package, or did you install
> it by hand?
> 
> 1) If you elected to install by hand you will have to manually satisfy
> all perl module dependencies.  You may have to use: "perl -MCPAN -e
> shell" as the means of installing the missing perl modules.
> 
> 2) If you installed from the official distro packages, please contact
> the package maintainer regarding correct procedures to ensure that all
> dependencies are met.
> 
> I used smbldap-tools in Samba3-ByExample.  Have you checked how it is
> used in this book?  I used SUSE Linux in the book, but that is pretty
> close to Fedora Core.  Ubuntu can be a little more challenging, suggest
> you ask on the ubuntu mailing list.
> 
> Cheers,
> John T.
> 
> > LiPi - wrote:
> >> Hi people, I have a problem with samba, openldap and the creation of
> >> machine
> >> accounts.
> >> I don't know if here is a good place to ask but I don't receive help in
> >> other places.. I read many guides, howto's, etc. but
> >> I can't get around with the solution...
> >>
> >>  I have seen an older message to another list (mail.gna.org) asking
> >> for the
> >> same problem that I have, it was:
> >>
> >>    - [Smbldap-tools-tech] Problem creating machine
> >> accounts<https://mail.gna.org/public/smbldap-tools-tech/2008-09/msg00001.html>,
> >>
> >>    *Jonathan Warrington   (September 24, 2008 - 19:24)*
> >>
> >> I didn't know if Jonathan received a response, but I have two
> >> problems, one
> >> is exactly the same that's described there, and the other is explained as
> >> follows:
> >>
> >> I have samba + ldap PDC with smbldap-tools, and when I try to join the
> >> domain I get these error:
> >>
> >> root at patata:/# net rpc join -U administrador
> >>   Password:
> >>   Creation of workstation account failed
> >>   Unable to join domain TESTING.
> >>
> >>   If I take a look to the logs...:
> >>   2009/03/19 20:18:42, 0] passdb/pdb_interface.c:pdb_
> >> default_create_user(329)
> >>    _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w
> >> patata$' gave 127
> >>
> >>  Then manually, smbldap-useradd -w patata$:
> >>   Error: modifications require authentication at /usr/share/perl5/
> >> smbldap_tools.pm line 1083.
> >>
> >>   And if I create the machine account from phpldapadmin, it works
> >> perfectly.
> >>
> >>   What can I do? I tried:
> >>    net -U administrador%XXXX rpc rights grant 'TESTING\smbadmins'
> >> SeMachineAccountPrivilege,
> >>
> >>    also tried to modify smbldap.conf and smbldap_bind.conf, and I got
> >> nothing...
> >>
> >>   I followed many howto's and surelly there is something that i'm not
> >> understanding, but I don't know what. Any suggestion would surely be
> >> helpful.
> >>
> >> getent passwd and getent group works well. If I try to add a machine
> >> account
> >> from phpldapadmin, all goes right.
> >>
> >> This is my smbldap config:
> >> http://pastebin.ca/1365687
> >>
> >> And this my smb.conf:
> >> http://pastebin.ca/1365698
> >>
> >>
> >> Thank you all.
> >>
> >> LiPi
> >>   
> 
> 
> -- 
> John H Terpstra
> 
> "If at first you don't succeed, don't go sky-diving!"
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

_________________________________________________________________
Windows Live™ SkyDrive: Get 25 GB of free online storage.
http://windowslive.com/online/skydrive?ocid=TXT_TAGLM_WL_skydrive_032009


More information about the samba mailing list