[Samba] Unable to add machine accounts
Chris St. Pierre
stpierre at NebrWesleyan.edu
Fri Mar 27 18:27:11 GMT 2009
I have the exact same problem as this guy:
http://lists.samba.org/archive/samba/2006-September/125699.html
He describes it much better and in much more detail than I could, so
I'll let him speak for me.
Unfortunately, I don't have the same solution. nss_ldap is configured
properly, and things like 'getent passwd' and 'id machine-acct$' show
the machine accounts as expected:
% getent passwd | grep stpierre
stpierre:x:2273:4000:Christopher St
Pierre:/home/faculty/stpierre:/bin/zsh
stpierre-pc$:*:1944:1000:Computer:/dev/null:/bin/false
% id stpierre-pc$
uid=1944(stpierre-pc$) gid=1000 groups=1000
Unfortunately, "fix nss_ldap" is about the only suggestion I could
find on this problem on Google. Any other suggestions? Thanks!
I'm running samba 3.0.33 on RHEL 5. /etc/ldap.conf (nss_ldap.conf on
other distros):
uri ldap://ldap.nebrwesleyan.edu
base o=NebrWesleyan.edu,o=isp
timelimit 30
bind_timelimit 30
bind_policy soft
nss_initgroups_ignoreusers root,ldap
ssl start_tls
tls_checkpeer no
The [global] section of smb.conf:
[global]
server string = Huxley
workgroup = NWU_HUXLEY
netbios name = Huxley
log level = 1
log file = /var/log/samba/%U.%m.log
max log size = 102400
add machine script = /usr/sbin/smbldap-useradd -t 10 -w '%m'
bind interfaces only = true
interfaces = 10.1.1.44
logon path =
logon home =
logon drive =
socket options = TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536 SO_KEEPALIVE
max smbd processes = 0
encrypt passwords = yes
domain logons = yes
domain master = yes
local master = yes
preferred master = yes
security = user
os level = 33
wins server = 10.9.1.12
admin users = +ntadmin
passdb backend = ldapsam:ldap://ldap.nebrwesleyan.edu
ldap suffix = o=nebrwesleyan.edu,o=isp
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap admin dn = cn=directory manager
ldap ssl = off
idmap uid = 10000-20000
idmap gid = 10000-20000
blocking locks = no
unix extensions = no
include = /etc/samba/%U.inc
Chris St. Pierre
Unix Systems Administrator
Nebraska Wesleyan University
More information about the samba
mailing list