[Samba] Segmentation Fault when trying to set root samba password, IPA as a backend
Rowland penny
rpenny at samba.org
Sun Mar 6 18:17:58 UTC 2016
On 06/03/16 17:55, Harry Jede wrote:
> On 18:30:33 wrote Rowland penny:
>> On 06/03/16 16:43, Harry Jede wrote:
>>> On 17:34:10 wrote Rowland penny:
>>>> On 06/03/16 15:53, Harry Jede wrote:
>>>>> On 16:47:40 wrote Rowland penny:
>>>>>> /usr/local/samba/bin/smbpasswd -a ldap02
>>>>> as far as i remember this has never worked! According to the man
>>>>> page this call should add a user to the *local* smb password
>>>>> store. And this is by default /etc/samba/smbpasswd and not any
>>>>> ldap backend.
>>>>>
>>>>> If one wish to use any ldap backend more params are needed. RTFM
>>>> In that case, how am I adding users that don't exist in
>>>> /etc/passwd to ldap with 'smbpasswd -a username' ?
>>> you may use any other tool or script., bot *not* smbpasswd
>>>
>>>> Perhaps you need to read the manpage again, pay particular
>>>> attention to ldapsam:editposix
>>> this is a smb.conf param and as such is explained in man smb.conf.
>>>
>>> I read man smbpasswd. Here a short snippet:
>>>
>>> OPTIONS
>>>
>>> -a
>>>
>>> This option specifies that the username following should be added
>>> to the *local smbpasswd file* , with the new password typed (type
>>> <Enter> for the old password). This option is ignored if the
>>> username following already exists in the smbpasswd file and it is
>>> treated like a regular change password command. Note that the
>>> default passdb backends *require the user to already exist in the
>>> system password file* (usually /etc/passwd), *else the request to
>>> add the user will fail* .
>>>
>>>> Rowland
>> so, if a user *must* exist in /etc/passwd, how did I end up with this
>> in ldap after running 'smbpasswd -a ldap10':
>>
>> dn: uid=ldap10,ou=users,dc=example,dc=com
>> uid: ldap10
>> sambaSID: S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-1012
>> objectClass: sambaSamAccount
>> objectClass: account
>> objectClass: posixAccount
>> cn: ldap10
>> uidNumber: 10008
>> gidNumber: 10000
>> homeDirectory: /home/ldap10
>> loginShell: /bin/bash
>> sambaNTPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
>> sambaPasswordHistory:
>> 00000000000000000000000000000000000000000000000000000000
>> 00000000
>> sambaPwdLastSet: 1457275169
>> sambaAcctFlags: [U ]
> Does this happen on a system with or without Volkers new fix?
Volkers fix (for me) just gets the password added, without the fix, the
user is created but the password doesn't get added.
>
> Rowland I have not written the smbpasswd man page!
>
> If the man page says the user must exist. OK, then i believe it is true.
> If the man page says this tool works against the local smbpasswd store
> then i believe it is true.
> If the man page says the local passwd store is the file
> /etc/samba/smbpasswd then I believe it is true.
Well, lets put it this way, when and if the secondary segfault gets
fixed, I will be proposing patches to the smb.conf manpage.
>
> *And* if if read this document
> https://wiki.samba.org/index.php/Samba_3.4_Features_added/changed
> section *Configuration changes* i am pretty sure this thread waste a lot
> of time.
There is a page here: https://wiki.samba.org/index.php/Ldapsam_Editposix
This describes how to set up ldapsam without smbldap-tools
There is also this page (in japanese):
http://wiki.samba.gr.jp/mediawiki/index.php?title=How_to_build_Samba_PDC_%28squeeze%29
They are both slightly wrong if used with Samba 4, syntax etc, but I
have an NT4-style PDC running in a test VM, without any sign of
smbldap-tools. The only problem seems to be in actually creating users
and this is mostly fixed.
Rowland
>
>> and 'cat /etc/passwd | grep ldap10' returns nothing ??????
>>
>> Rowland
>
More information about the samba
mailing list