[Samba] classicupgrade from LDAP - failed to find Unix account for machine account

David Adam zanchey at ucc.gu.uwa.edu.au
Thu Apr 4 16:19:49 MDT 2013

On Thu, 4 Apr 2013, Andrew Bartlett wrote:
> On Thu, 2013-04-04 at 15:30 +0800, David Adam wrote:
> > Hi all,
> > 
> > We have a somewhat crufty Samba 3 PDC NT-style domain backed on to an 
> > OpenLDAP server that we use for both Linux and Windows 7 authentication, 
> > thanks to the magic of ldapsam and smbk5pwd.
> > 
> So, what has happened is that I've forced on the 'ldapsam:trusted' in
> our classicupgrade script, as it makes it much, much easier to set up a
> migration, as you don't have to set up nss_ldap and then tear it down
> again.  
> I had assumed that almost all installations of Samba as a DC on LDAP
> would store the unix account with the Samba account. 

Your psychic powers were accurate; for some reason we still have a few 
machine accounts in /etc/passwd on the PDC and not in LDAP, even though we 
have ldapsam:trusted set. (I'm surprised that works.)

Deleting the entries in /etc/passwd and rejoining the machines to the 
domain helps immensely.


zanchey at ucc.gu.uwa.edu.au

More information about the samba mailing list