[Samba] PDC witch LDAP and machine account lookup
stefan.michalsky at farbwahl.de
Fri Oct 2 03:20:21 MDT 2009
so it looks like something with adding machine accounts manually does not
work for me.
After reconfiguring the smbldap tools and removing the computer (farbwahl06)
domain i added it again. The automatically created machine account works
fine and i
am able to logon to the domain.
The differences between the pdbedit outputs have not been that big but big
make trouble i guess.
Thanks for your help Bruno.
Von: Bruno MACADRE [mailto:bruno.macadre at univ-rouen.fr]
Gesendet: Donnerstag, 1. Oktober 2009 22:10
An: Stefan Michalsky
Betreff: Re: [Samba] PDC witch LDAP and machine account lookup
It looks strange... I've you tried to increase your log level
(specially on tdb and passdb). Something like :
log level = 2 tdb:5 passdb:5
And look for any strange behavior when you try to log onto
farbwhal06 or when you try to join it to the domain.
I don't use smbldap-tools so i can help you with this, for me adding
a machine to the LDAP is like adding a user, the only difference is that
the username (uid for LDAP) finish with a $
If you try :
# pdbedit -v farbwahl06$
# pdbedit -v farbwahl04$
Look for any difference between the 2 results !
Stefan Michalsky a écrit :
> Hey Bruno,
> it seems that the problem is something else. I tested on one computer
> (farbwahl06 - WinXP Pro Client)
> most of the time. But i have another machine to test (farbwahl04 -
> I moved the machine account for farbwahl04 from People to Computers and
> works fine. So i tried all variants for farbwahl06 (account in People and
> changed suffixes and so on) and the machine account for farbwahl06 seems
> broken. I tried to create a new one, but this doesn't help too.
> So how do you create machine accounts? Perhaps i am missing something.
> Adding machine
> accounts automatically doesn't work too by the way. The Samba server is a
> gentoo (Linux version 2.6.23-hardened-r12).
> Please find attached my smb.conf (farbwahl04 is working with this) ***
> Kind regards,
> -----Ursprüngliche Nachricht-----
> Von: Bruno MACADRE [mailto:bruno.macadre at univ-rouen.fr]
> Gesendet: Donnerstag, 1. Oktober 2009 17:51
> An: Stefan Michalsky
> Betreff: Re: [Samba] PDC witch LDAP and machine account lookup
> Stefan Michalsky a écrit :
>> Hey all,
>> i do have the following problem: i set up a PDC with Samba with an LDAP
>> backend. Everything works fine but the machine account lookup. If i try
>> logon to the domain i have to create the machine account in
>> ou=People,dc=testing,dc=de. Everything works fine with this. But if i
>> the machine account in ou=Computers,dc=testing,dc=de and change all
>> according to this the search performed looks like this in slapd log file:
>> Oct 1 15:42:59 [slapd] conn=908 op=4 SRCH
>> scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=farbwahl06$))"_
>> So where is the mistake? I found some forum posts but all with no
>> Is it a configuration issue or a software problem?
> Are you sure that your "ldap machine suffix" is changed to "ldap
> machine suffix = ou=Computers" ?
> Can you show your smb.conf when you want to have machine account in
> ou=Computers ?
More information about the samba