[Samba] classicupgrade from LDAP - failed to find Unix account for machine account
David Adam
zanchey at ucc.gu.uwa.edu.au
Thu Apr 4 16:19:49 MDT 2013
On Thu, 4 Apr 2013, Andrew Bartlett wrote:
> On Thu, 2013-04-04 at 15:30 +0800, David Adam wrote:
> > Hi all,
> >
> > We have a somewhat crufty Samba 3 PDC NT-style domain backed on to an
> > OpenLDAP server that we use for both Linux and Windows 7 authentication,
> > thanks to the magic of ldapsam and smbk5pwd.
> >
>
> So, what has happened is that I've forced on the 'ldapsam:trusted' in
> our classicupgrade script, as it makes it much, much easier to set up a
> migration, as you don't have to set up nss_ldap and then tear it down
> again.
>
> I had assumed that almost all installations of Samba as a DC on LDAP
> would store the unix account with the Samba account.
Your psychic powers were accurate; for some reason we still have a few
machine accounts in /etc/passwd on the PDC and not in LDAP, even though we
have ldapsam:trusted set. (I'm surprised that works.)
Deleting the entries in /etc/passwd and rejoining the machines to the
domain helps immensely.
Thanks
David
zanchey at ucc.gu.uwa.edu.au
More information about the samba
mailing list