[Samba] [SAMBA] Problem connecting Computer to network
Gaiseric Vandal
gaiseric.vandal at gmail.com
Fri Jul 30 14:05:53 MDT 2010
I am fairly certain that the underlying OS will need to see the samba
account with the "getent" command. We use ldap for unix level
authentication anyway so I am not 100% sure this is true.
Check /etc/nsswitch.conf
passwd: files ldap
shadow: files ldap
group: files ldap
Also check /etc/ldap.conf and /etc/openldap/ldap.conf (assuming you are
on linux and not solaris.)
On 07/30/2010 03:09 PM, Clark Johnston wrote:
> I reexamined the slapcat output and it did create iet013c$ account in
> LDAP, but getent passwd isn't showing it.
>
> When I look at a previous installation of a Samba LDAP PDC I do not
> see the accounts in /etc/passwd , but I do see them when I put in
> getent passwd.
>
> dn: uid=iet013c$,ou=Computers,dc=internaltest
> objectClass: top
> objectClass: account
> objectClass: posixAccount
> cn: iet013c$
> uid: iet013c$
> uidNumber: 1001
> gidNumber: 515
> homeDirectory: /dev/null
> loginShell: /bin/false
> description: Computer
> gecos: Computer
> structuralObjectClass: account
> entryUUID: e73c4f2e-2ee7-102f-8017-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728230213Z
> entryCSN: 20100728230213Z#000001#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728230213Z
>
> So I am not quite sure what is going on here.
>
>
> On Thu, Jul 29, 2010 at 4:44 PM, Gaiseric Vandal
> <gaiseric.vandal at gmail.com <mailto:gaiseric.vandal at gmail.com>> wrote:
>
> When you try to join a computer to the network, you mean you are
> trying to join a Windows PC (e.g. XP Pro) to the domain? Or you
> are trying to join the PDC machine to the domain?
>
>
> I would guess you need to manually create the PDC's unix account,
> even if samba is going to create the other unix accounts for you.
> (I don't have samba do this myself.) Does "getent passwd" show
> the accounts for your PDC and other computers? If you manually
> create the unix account for a computer, is it able to join the
> domain?
>
>
>
>
>
> On 07/29/2010 11:10 AM, Clark Johnston wrote:
>
> I am trying to attempt to set up a samba ldap PDC server.
>
> When I try and connect a computer to the network I get error
> 'Username could
> not be found'
>
> I have included smbldap.conf ##smbldap.conf
> slapd.conf ##slapd.conf
> the smb.conf ##smb.conf
> the results of slapcat ##slapcat
> the eriror log for log.roor ##log.root
>
>
>
> The error I marked as interesting ##interesting , shows that
> it can't create
> the user or maybe something else. But up until that time
> there didn't seem
> to be a problem.
>
> ##smbldap.conf
> SID="S-1-5-21-2244683438-1300233924-2635510394"
> sambaDomain="internaltest"
> slaveLDAP="127.0.0.1"
> slavePort="389"
> masterLDAP="127.0.0.1"
> masterPort="389"
> ldapTLS="0"
> ldapSSL="0"
> verify="none"
> cafile="/etc/smbldap-tools/ca.pem"
> clientcert="/etc/smbldap-tools/smbldap-tools.iallanis.info.pem"
> clientkey="/etc/smbldap-tools/smbldap-tools.iallanis.info.key"
> suffix="dc=internaltest"
> usersdn="ou=Users,${suffix}"
> computersdn="ou=Computers,${suffix}"
> groupsdn="ou=Groups,${suffix}"
> idmapdn="ou=Idmap,${suffix}"
> sambaUnixIdPooldn="sambaDomainName=${sambaDomain},${suffix}"
> scope="sub"
> hash_encrypt="SSHA"
> crypt_salt_format="%s"
> userLoginShell="/bin/bash"
> userHome="/home/%U"
> userHomeDirectoryMode="700"
> userGecos="System User"
> defaultUserGid="513"
> defaultComputerGid="515"
> skeletonDir="/etc/skel"
> defaultMaxPasswordAge="45"
> userSmbHome="\\PDC-TEST2\%U"
> userProfile="\\PDC-TEST2\profiles\%U"
> userHomeDrive="H:"
> userScript="logon.bat"
> mailDomain="internaltest.com <http://internaltest.com>"
> with_smbpasswd="0"
> smbpasswd="/usr/bin/smbpasswd"
> with_slappasswd="0"
> slappasswd="/usr/sbin/slappasswd"
>
> ##slapd.conf
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/cosine.schema
> include /etc/openldap/schema/inetorgperson.schema
> include /etc/openldap/schema/nis.schema
> include /etc/openldap/schema/samba3.schema
> allow bind_v2
> pidfile /var/run/openldap/slapd.pid
> argsfile /var/run/openldap/slapd.args
> database bdb
> suffix "dc=internaltest"
> rootdn "cn=Manager,dc=internaltest"
> rootpw {SSHA}a7kYChHl9wXQKkJJYJ+JRLi/4EE2PH+B
> password-hash {SSHA}
> directory /var/lib/ldap
> index cn,sn,uid,displayName pres,sub,eq
> index uidNumber,gidNumber eq
> index sambaSID eq
> index sambaPrimaryGroupSID eq
> index sambaDomainName eq
> index objectClass pres,eq
> index default sub
>
>
> ##smb.conf
>
> # Global parameters
> [global]
> workgroup = internaltest
> netbios name = PDC-TEST2
> #security = DOMAIN
> enable privileges = yes
> #interfaces = 192.168.5.11
> #username map = /etc/samba/smbusers
> server string = Samba Server %v
> #security = ads
> encrypt passwords = Yes
> #min passwd length = 3
> #pam password change = no
> #obey pam restrictions = No
>
> # method 1:
> unix password sync = no
> ldap passwd sync = yes
>
> # method 2:
> #unix password sync = no
> #ldap passwd sync = no
> passwd program = /usr/sbin/smbldap-passwd -u "%u"
> passwd chat = "Changing *\nNew password*" %n\n
> "*Retype new
> password*" %n\n"
>
> log level = 3
> syslog = 0
> log file = /var/log/samba/log.%U
> max log size = 100000
> time server = Yes
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> SO_KEEPALIVE
> mangling method = hash2
> Dos charset = 850
> Unix charset = ISO8859-1
>
> logon script = logon.bat
> logon drive = H:
> logon home =
> logon path =
>
> domain logons = Yes
> domain master = Yes
> os level = 65
> preferred master = Yes
> wins support = yes
> # passdb backend = ldapsam:"ldap://ldap1.company.com
> <http://ldap1.company.com> ldap://
> ldap2.company.com <http://ldap2.company.com>"
> passdb backend = ldapsam:ldap://127.0.0.1
> <http://127.0.0.1>
> ldap admin dn = cn=Manager,dc=internaltest
> idmap backend = ldap:ldap://127.0.0.1 <http://127.0.0.1>
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind trusted domains only = Yes
> ldap admin dn = cn=Manager,dc=internaltest
> ldap suffix = dc=internaltest
> ldap group suffix = ou=Groups
> ldap user suffix = ou=Users
> ldap machine suffix = ou=Computers
> ldap idmap suffix = ou=Idmap
> add user script = /usr/sbin/smbldap-useradd -m "%u"
> #ldap delete dn = Yes
> delete user script = /usr/sbin/smbldap-userdel "%u"
> add machine script = /usr/sbin/smbldap-useradd -t 0 -w
> "%u"
> add group script = /usr/sbin/smbldap-groupadd -p "%g"
> #delete group script = /usr/sbin/smbldap-groupdel "%g"
> add user to group script = /usr/sbin/smbldap-groupmod
> -m "%u" "%g"
> delete user from group script =
> /usr/sbin/smbldap-groupmod -x "%u"
> "%g"
> set primary group script = /usr/sbin/smbldap-usermod
> -g '%g' '%u'
>
> # printers configuration
> #printer admin = @"Print Operators"
> load printers = Yes
> create mask = 0640
> directory mask = 0750
> #force create mode = 0640
> #force directory mode = 0750
> ldap ssl = off
> nt acl support = yes
> printing = cups
> printcap name = cups
> deadtime = 10
> guest account = nobody
> map to guest = Bad User
> dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
> show add printer wizard = yes
> ; to maintain capital letters in shortcuts in any of
> the profile
> folders:
> preserve case = yes
> short preserve case = yes
> case sensitive = no
>
> [netlogon]
> path = /home/netlogon/
> browseable = No
> read only = yes
>
> [profiles]
> path = /home/profiles
> read only = no
> create mask = 0600
> directory mask = 0700
> browseable = No
> guest ok = Yes
> profile acls = yes
> csc policy = disable
> # next line is a great way to secure the profiles
> #force user = %U
>
> [printers]
> comment = Network Printers
> #printer admin = @"Print Operators"
> guest ok = yes
> printable = yes
> path = /home/spool/
> browseable = No
> read only = Yes
> printable = Yes
> print command = /usr/bin/lpr -P%p -r %s
> lpq command = /usr/bin/lpq -P%p
> lprm command = /usr/bin/lprm -P%p %j
> # print command = /usr/bin/lpr -U%U@%M -P%p -r %s
> # lpq command = /usr/bin/lpq -U%U@%M -P%p
> # lprm command = /usr/bin/lprm -U%U@%M -P%p %j
> # lppause command = /usr/sbin/lpc -U%U@%M hold %p %j
> # lpresume command = /usr/sbin/lpc -U%U@%M release %p %j
> # queuepause command = /usr/sbin/lpc -U%U@%M stop %p
> # queueresume command = /usr/sbin/lpc -U%U@%M start %p
>
> [print$]
> path = /home/printers
> guest ok = No
> browseable = Yes
> read only = Yes
> valid users = @"Print Operators"
> write list = @"Print Operators"
> create mask = 0664
> directory mask = 0775
>
> [public]
> path = /tmp
> guest ok = yes
> browseable = Yes
> writable = yes
>
> ##slapcat
> dn: dc=internaltest
> objectClass: dcObject
> objectClass: organization
> o: CentOS Directory Server
> dc: internaltest
> structuralObjectClass: organization
> entryUUID: 19b35250-2ed8-102f-9754-c7020288f76f
> creatorsName: cn=Manager,dc=internaltest
> modifiersName: cn=Manager,dc=internaltest
> createTimestamp: 20100728210905Z
> modifyTimestamp: 20100728210905Z
> entryCSN: 20100728210905Z#000000#00#000000
>
> dn: cn=Manager,dc=internaltest
> objectClass: organizationalRole
> cn: Manager
> structuralObjectClass: organizationalRole
> entryUUID: 07daf7b2-2ed9-102f-8872-8915b8109776
> creatorsName: cn=Manager,dc=internaltest
> modifiersName: cn=Manager,dc=internaltest
> createTimestamp: 20100728211545Z
> modifyTimestamp: 20100728211545Z
> entryCSN: 20100728211545Z#000000#00#000000
>
> dn: ou=Users,dc=internaltest
> objectClass: top
> objectClass: organizationalUnit
> ou: Users
> structuralObjectClass: organizationalUnit
> entryUUID: bf1fb79c-2ee2-102f-8006-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#000000#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: ou=Groups,dc=internaltest
> objectClass: top
> objectClass: organizationalUnit
> ou: Groups
> structuralObjectClass: organizationalUnit
> entryUUID: bf214224-2ee2-102f-8007-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#000001#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: ou=Computers,dc=internaltest
> objectClass: top
> objectClass: organizationalUnit
> ou: Computers
> structuralObjectClass: organizationalUnit
> entryUUID: bf22011e-2ee2-102f-8008-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#000002#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: ou=Idmap,dc=internaltest
> objectClass: top
> objectClass: organizationalUnit
> ou: Idmap
> structuralObjectClass: organizationalUnit
> entryUUID: bf22362a-2ee2-102f-8009-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#000003#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: uid=root,ou=Users,dc=internaltest
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: sambaSamAccount
> objectClass: posixAccount
> objectClass: shadowAccount
> gidNumber: 0
> uid: root
> uidNumber: 0
> homeDirectory: /home/root
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> sambaHomeDrive: H:
> sambaPrimaryGroupSID:
> S-1-5-21-2244683438-1300233924-2635510394-512
> sambaSID: S-1-5-21-2244683438-1300233924-2635510394-500
> structuralObjectClass: inetOrgPerson
> entryUUID: bf22ac2c-2ee2-102f-800a-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> sambaHomePath: \\
>
>
>
> -TEST2\root
> sambaProfilePath: \\PDC-TEST2\profiles\root
> gecos: Netbios Domain Administrator,,,,
> cn: Netbios Domain Administrator
> sn: Administrator
> givenName: Netbios Domain
> loginShell: /bin/false
> sambaLMPassword: EEF4826EA1DFCD118B0EA5A7DF135B03
> sambaAcctFlags: [U]
> sambaNTPassword: 5445CDB17290909D53D0DFCF99143190
> sambaPwdLastSet: 1280358116
> sambaPwdMustChange: 1284246116
> userPassword::
> e1NTSEF9cCs2RStCT1RPeVBwMldPRnkvcDdmSWZyYWhrdU1tRmE=
> shadowLastChange: 14818
> shadowMax: 45
> entryCSN: 20100728230156Z#000001#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728230156Z
>
> dn: uid=nobody,ou=Users,dc=internaltest
> cn: nobody
> sn: nobody
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: sambaSamAccount
> objectClass: posixAccount
> objectClass: shadowAccount
> gidNumber: 514
> uid: nobody
> uidNumber: 999
> homeDirectory: /dev/null
> sambaPwdLastSet: 0
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> sambaPwdMustChange: 2147483647
> sambaHomePath: \\PDC-TEST\nobody
> sambaHomeDrive: H:
> sambaProfilePath: \\PDC-TEST\profiles\nobody
> sambaPrimaryGroupSID:
> S-1-5-21-2244683438-1300233924-2635510394-514
> sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
> sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
> sambaAcctFlags: [NUD ]
> sambaSID: S-1-5-21-2244683438-1300233924-2635510394-2998
> loginShell: /bin/false
> structuralObjectClass: inetOrgPerson
> entryUUID: bf2688a6-2ee2-102f-800b-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#000005#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: cn=Domain Admins,ou=Groups,dc=internaltest
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 512
> cn: Domain Admins
> memberUid: root
> description: Netbios Domain Administrators
> sambaSID: S-1-5-21-2244683438-1300233924-2635510394-512
> sambaGroupType: 2
> displayName: Domain Admins
> structuralObjectClass: posixGroup
> entryUUID: bf271672-2ee2-102f-800c-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#000006#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: cn=Domain Users,ou=Groups,dc=internaltest
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 513
> cn: Domain Users
> description: Netbios Domain Users
> sambaSID: S-1-5-21-2244683438-1300233924-2635510394-513
> sambaGroupType: 2
> displayName: Domain Users
> structuralObjectClass: posixGroup
> entryUUID: bf286144-2ee2-102f-800d-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> memberUid: user1
> entryCSN: 20100728222639Z#000002#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222639Z
>
> dn: cn=Domain Guests,ou=Groups,dc=internaltest
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 514
> cn: Domain Guests
> description: Netbios Domain Guests Users
> sambaSID: S-1-5-21-2244683438-1300233924-2635510394-514
> sambaGroupType: 2
> displayName: Domain Guests
> structuralObjectClass: posixGroup
> entryUUID: bf28e628-2ee2-102f-800e-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#000008#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: cn=Domain Computers,ou=Groups,dc=internaltest
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 515
> cn: Domain Computers
> description: Netbios Domain Computers accounts
> sambaSID: S-1-5-21-2244683438-1300233924-2635510394-515
> sambaGroupType: 2
> displayName: Domain Computers
> structuralObjectClass: posixGroup
> entryUUID: bf2966c0-2ee2-102f-800f-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#000009#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: cn=Administrators,ou=Groups,dc=internaltest
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 544
> cn: Administrators
> description: Netbios Domain Members can fully administer the
> computer/sambaDom
> ainName
> sambaSID: S-1-5-32-544
> sambaGroupType: 5
> displayName: Administrators
> structuralObjectClass: posixGroup
> entryUUID: bf29e8ca-2ee2-102f-8010-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#00000a#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: cn=Account Operators,ou=Groups,dc=internaltest
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 548
> cn: Account Operators
> description: Netbios Domain Users to manipulate users accounts
> sambaSID: S-1-5-32-548
> sambaGroupType: 5
> displayName: Account Operators
> structuralObjectClass: posixGroup
> entryUUID: bf2a689a-2ee2-102f-8011-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#00000b#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: cn=Print Operators,ou=Groups,dc=internaltest
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 550
> cn: Print Operators
> description: Netbios Domain Print Operators
> sambaSID: S-1-5-32-550
> sambaGroupType: 5
> displayName: Print Operators
> structuralObjectClass: posixGroup
> entryUUID: bf2ae89c-2ee2-102f-8012-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#00000c#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: cn=Backup Operators,ou=Groups,dc=internaltest
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 551
> cn: Backup Operators
> description: Netbios Domain Members can bypass file security
> to back up
> files
> sambaSID: S-1-5-32-551
> sambaGroupType: 5
> displayName: Backup Operators
> structuralObjectClass: posixGroup
> entryUUID: bf2b942c-2ee2-102f-8013-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#00000d#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: cn=Replicators,ou=Groups,dc=internaltest
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 552
> cn: Replicators
> description: Netbios Domain Supports file replication in a
> sambaDomainName
> sambaSID: S-1-5-32-552
> sambaGroupType: 5
> displayName: Replicators
> structuralObjectClass: posixGroup
> entryUUID: bf2c266c-2ee2-102f-8014-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> entryCSN: 20100728222518Z#00000e#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728222518Z
>
> dn: sambaDomainName=internaltest,dc=internaltest
> objectClass: top
> objectClass: sambaDomain
> objectClass: sambaUnixIdPool
> sambaDomainName: internaltest
> sambaSID: S-1-5-21-2244683438-1300233924-2635510394
> gidNumber: 1000
> sambaNextRid: 1000
> structuralObjectClass: sambaDomain
> entryUUID: bf2cc680-2ee2-102f-8015-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222518Z
> sambaPwdHistoryLength: 0
> sambaRefuseMachinePwdChange: 0
> sambaMaxPwdAge: -1
> sambaLockoutThreshold: 0
> uidNumber: 1002
> entryCSN: 20100728230213Z#000000#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728230213Z
>
> dn: uid=user1,ou=Users,dc=internaltest
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: shadowAccount
> objectClass: sambaSamAccount
> cn: user1
> sn: user1
> givenName: user1
> uid: user1
> uidNumber: 1000
> gidNumber: 513
> homeDirectory: /home/user2
> loginShell: /bin/bash
> gecos: System User
> structuralObjectClass: inetOrgPerson
> entryUUID: ef8c3752-2ee2-102f-8016-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728222639Z
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> displayName: user1
> sambaSID: S-1-5-21-2244683438-1300233924-2635510394-3000
> sambaPrimaryGroupSID:
> S-1-5-21-2244683438-1300233924-2635510394-513
> sambaLogonScript: logon.bat
> sambaHomeDrive: H:
> sambaAcctFlags: [U]
> sambaPwdLastSet: 1280356019
> sambaPwdMustChange: 1284244019
> userPassword::
> e1NTSEF9OFBQNGJJaXprRUNSblB3a2Q0SWpmd291Q3psVlNVczQ=
> shadowLastChange: 14818
> shadowMax: 45
> sambaHomePath: \\PDC-TEST2\user1
> sambaLMPassword: 64FE560F50A6EADE95D73E8F5168779A
> sambaNTPassword: 6CE7BF494BAF59B260C9C1DEFD85538E
> entryCSN: 20100728223207Z#000000#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728223207Z
>
> dn: uid=iet013c$,ou=Computers,dc=internaltest
> objectClass: top
> objectClass: account
> objectClass: posixAccount
> cn: iet013c$
> uid: iet013c$
> uidNumber: 1001
> gidNumber: 515
> homeDirectory: /dev/null
> loginShell: /bin/false
> description: Computer
> gecos: Computer
> structuralObjectClass: account
> entryUUID: e73c4f2e-2ee7-102f-8017-31ff3607ac6d
> creatorsName: cn=Manager,dc=internaltest
> createTimestamp: 20100728230213Z
> entryCSN: 20100728230213Z#000001#00#000000
> modifiersName: cn=Manager,dc=internaltest
> modifyTimestamp: 20100728230213Z
>
> ##log.root
> [2010/07/28 18:08:23.307225, 3]
> auth/auth.c:216(check_ntlm_password)
> check_ntlm_password: Checking password for unmapped user
> [INTERNALTEST]\[root]@[IET013C] with the new password interface
> [2010/07/28 18:08:23.307267, 3]
> auth/auth.c:219(check_ntlm_password)
> check_ntlm_password: mapped user is:
> [INTERNALTEST]\[root]@[IET013C]
>
> [2010/07/28 18:08:23.307512, 2]
> lib/smbldap.c:950(smbldap_open_connection)
> smbldap_open_connection: connection opened
> [2010/07/28 18:08:23.308337, 3]
> lib/smbldap.c:1166(smbldap_connect_system)
> ldap_connect_system: successful connection to the LDAP server
>
> [2010/07/28 18:08:23.319167, 2]
> passdb/pdb_ldap.c:2446(init_group_from_ldap)
> init_group_from_ldap: Entry found for group: 513
> [2010/07/28 18:08:23.321964, 3]
> auth/auth.c:265(check_ntlm_password)
> check_ntlm_password: sam authentication for user [root]
> succeeded
>
> [2010/07/28 18:08:23.322080, 2]
> auth/auth.c:304(check_ntlm_password)
> check_ntlm_password: authentication for user [root] ->
> [root] -> [root]
> succeeded
> [
> [2010/07/28 18:08:23.323898, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID
> [S-1-5-21-2244683438-1300233924-2635510394-500]
> [2010/07/28 18:08:23.323929, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-0]
> [2010/07/28 18:08:23.323969, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-5-2]
> [2010/07/28 18:08:23.323996, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-5-11]
> [2010/07/28 18:08:23.324023, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-1]
> [2010/07/28 18:08:23.324050, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-2]
> [2010/07/28 18:08:23.324077, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-3]
> [2010/07/28 18:08:23.324104, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-4]
> [2010/07/28 18:08:23.324131, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-6]
> [2010/07/28 18:08:23.324158, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-10]
>
> [2010/07/28 18:08:23.325356, 3]
> smbd/password.c:282(register_existing_vuid)
> register_existing_vuid: User name: root Real name:
> Netbios Domain
> Administrator
> [2010/07/28 18:08:23.325380, 3]
> smbd/password.c:292(register_existing_vuid)
> register_existing_vuid: UNIX uid 0 is UNIX user root, and
> will be vuid 100
> [2010/07/28 18:08:23.325470, 3]
> smbd/password.c:223(register_homes_share)
> Adding homes service for user 'root' using home directory:
> '/root'
>
> [2010/07/28 18:08:23.327976, 3]
> smbd/service.c:1070(make_connection_snum)
> iet013c (::ffff:10.10.7.167) connect to service IPC$
> initially as user
> root (uid=0, gid=0) (pid 10971)
>
>
> [2010/07/28 18:08:23.334088, 3]
> rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
> free_pipe_context: destroying talloc pool of size 80
> [2010/07/28 18:08:23.334114, 3]
> rpc_server/srv_pipe.c:2414(api_rpcTNP)
> api_rpcTNP: rpc command: LSA_OPENPOLICY2
> [2010/07/28 18:08:23.334192, 3]
> rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
> free_pipe_context: destroying talloc pool of size 1084
> [2010/07/28 18:08:23.334960, 3] smbd/process.c:1485(process_smb)
> Transaction 8 of length 134 (0 toread)
> [2010/07/28 18:08:23.334984, 3]
> smbd/process.c:1294(switch_message)
> switch message SMBtrans (pid 10971) conn 0x2ac41ab15fb0
> [2010/07/28 18:08:23.335010, 3] smbd/ipc.c:545(handle_trans)
> trans<\PIPE\> data=46 params=0 setup=2
> [2010/07/28 18:08:23.335032, 3] smbd/ipc.c:496(named_pipe)
> named pipe command on<> name
> [2010/07/28 18:08:23.335052, 3] smbd/ipc.c:460(api_fd_reply)
> Got API command 0x26 on pipe "lsarpc" (pnum 22bc)
> [2010/07/28 18:08:23.335077, 3]
> rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
> free_pipe_context: destroying talloc pool of size 0
> [2010/07/28 18:08:23.335099, 3]
> rpc_server/srv_pipe.c:2414(api_rpcTNP)
> api_rpcTNP: rpc command: LSA_QUERYINFOPOLICY2
> [2010/07/28 18:08:23.335128, 3]
> rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
> free_pipe_context: destroying talloc pool of size 0
> [2010/07/28 18:08:23.335964, 3] smbd/process.c:1485(process_smb)
> Transaction 9 of length 134 (0 toread)
> [2010/07/28 18:08:23.335988, 3]
> smbd/process.c:1294(switch_message)
> switch message SMBtrans (pid 10971) conn 0x2ac41ab15fb0
> [2010/07/28 18:08:23.336013, 3] smbd/ipc.c:545(handle_trans)
> trans<\PIPE\> data=46 params=0 setup=2
> [2010/07/28 18:08:23.336036, 3] smbd/ipc.c:496(named_pipe)
> named pipe command on<> name
> [2010/07/28 18:08:23.336055, 3] smbd/ipc.c:460(api_fd_reply)
> Got API command 0x26 on pipe "lsarpc" (pnum 22bc)
> [2010/07/28 18:08:23.336080, 3]
> rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
> free_pipe_context: destroying talloc pool of size 0
> [2010/07/28 18:08:23.336101, 3]
> rpc_server/srv_pipe.c:2414(api_rpcTNP)
> api_rpcTNP: rpc command: LSA_QUERYINFOPOLICY
> [2010/07/28 18:08:23.336142, 3]
> rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
> free_pipe_context: destroying talloc pool of size 140
> [2010/07/28 18:08:23.337957, 3] smbd/process.c:1485(process_smb)
> Transaction 10 of length 104 (0 toread)
> [2010/07/28 18:08:23.337981, 3]
> smbd/process.c:1294(switch_message)
> switch message SMBntcreateX (pid 10971) conn 0x2ac41ab15fb0
>
>
> [2010/07/28 18:08:23.376056, 3]
> rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
> free_pipe_context: destroying talloc pool of size 82
> [2010/07/28 18:08:23.376079, 3]
> rpc_server/srv_pipe.c:2414(api_rpcTNP)
> api_rpcTNP: rpc command: NETR_SERVERREQCHALLENGE
> [2010/07/28 18:08:23.376125, 3]
> rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
> free_pipe_context: destroying talloc pool of size 0
>
> check_ntlm_password: Checking password for unmapped user
> [INTERNALTEST]\[root]@[IET013C] with the new password interface
> [2010/07/28 18:08:23.754944, 3]
> auth/auth.c:219(check_ntlm_password)
> check_ntlm_password: mapped user is:
> [INTERNALTEST]\[root]@[IET013C]
>
> [2010/07/28 18:08:23.762781, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID
> [S-1-5-21-2244683438-1300233924-2635510394-500]
> [2010/07/28 18:08:23.762812, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-0]
> [2010/07/28 18:08:23.762848, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-5-2]
> [2010/07/28 18:08:23.762875, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-5-11]
> [2010/07/28 18:08:23.762902, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-1]
> [2010/07/28 18:08:23.762929, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-2]
> [2010/07/28 18:08:23.762960, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-3]
> [2010/07/28 18:08:23.762987, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-4]
> [2010/07/28 18:08:23.763014, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-6]
> [2010/07/28 18:08:23.763041, 3]
> lib/privileges.c:63(get_privileges)
> get_privileges: No privileges assigned to SID [S-1-22-2-10]
>
> [2010/07/28 18:08:23.764297, 3]
> smbd/password.c:282(register_existing_vuid)
> register_existing_vuid: User name: root Real name:
> Netbios Domain
> Administrator
> [2010/07/28 18:08:23.764322, 3]
> smbd/password.c:292(register_existing_vuid)
> register_existing_vuid: UNIX uid 0 is UNIX user root, and
> will be vuid 100
> [2010/07/28 18:08:23.764406, 3]
> smbd/password.c:223(register_homes_share)
> Adding homes service for user 'root' using home directory:
> '/root'
>
> [2010/07/28 18:08:23.766770, 3]
> smbd/reply.c:846(reply_tcon_and_X)
> tconX service=IPC$
> [2010/07/28 18:08:23.768679, 3] smbd/process.c:1485(process_smb)
> Transaction 4 of length 104 (0 toread)
> [2010/07/28 18:08:23.768704, 3]
> smbd/process.c:1294(switch_message)
> switch message SMBntcreateX (pid 10975) conn 0x2ac41ab18b90
>
> [2010/07/28 18:08:23.984602, 0]
> passdb/pdb_interface.c:348(pdb_default_create_user)
> _samr_create_user: Running the command
> `/usr/sbin/smbldap-useradd -t 0 -w
> "iet013c$"' gave 9
> [2010/07/28 18:08:23.984755, 3]
> passdb/pdb_interface.c:365(pdb_default_create_user)
> pdb_default_create_user: failed to create a new user structure:
> NT_STATUS_NO_SUCH_USER
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list