RE pdb_ldap.c, ldapsam_add_sam_account, existing poxisaccount
spu at corman.be
spu at corman.be
Thu May 26 15:12:20 GMT 2005
Ok,
I re-read the script and the sambasamaccount is only added with -i option.
My position is :
- I asked the problem in 2004, I a put a BUG. For some reasons, no
reaction from samba team for this problem.
- My solution is modify the smbldap-script for add sambasamaccount
and add a machine on two step, it's work (until today)
add theses lines after the
if (defined($Options{'i'})) {
> ...
> }
if (defined($Options{'w'})) {
# For machine account
# Objectclass sambaSAMAccount must be added now !
my $date=time;
my $modify = $ldap_master->modify (
"uid=$userName,$config{computersdn}",
changes => [
replace => [objectClass
=> ['inetOrgPerson', 'posixAccount', 'sambaSAMAccount']],
add => [sambaLogonTime
=> '0'],
add => [sambaLogoffTime
=> '2147483647'],
add =>
[sambaKickoffTime => '2147483647'],
add =>
[sambaPwdCanChange => '0'],
add =>
[sambaPwdMustChange => '2147483647'],
add => [sambaPwdLastSet
=> "$date"],
add => [sambaAcctFlags
=> '[W ]'],
add => [sambaSID =>
"$user_sid"],
add =>
[sambaPrimaryGroupSID => "$config{SID}-515"]
]
);
$modify->code && die "failed to add entry: ", $modify->error ;
}
ask me if problem, I cannot add machine today, but if you can test for me I
appreciate.
thanks
Stéphane Purnelle
-----------------------------------
Stéphane PURNELLE stephane.purnelle at corman.be
Service Informatique Corman S.A. Tel : 00 32 087/342467
samba-technical-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit
sur 26/05/2005 16:57:49 :
> spu at corman.be wrote:
> > I forgot some details.
> > the script add the sambasamaccount.
> > could you send me the smbldap-useradd script for see what version you
use ?
> >
> > some smbldap script not add the sambasamaccount, because normally samba
> > must add it (and is this part which don't work).
> > the last version seems to add the sambasamaccount attributes and old
> > version too.
> Ah! smbldap-useradd in 0.8.7 certainly does not seem to add the
> sambasamaccount attributes. I just downloaded the latest 0.9.0 and that
> doesn't seem to either. Not with -w, which as i understand it is the way
> it should be used. -w just makes the posixaccount and expects samba to
> do the rest...
>
> # MACHINE ACCOUNT
> if (defined($Options{'w'}) or defined($Options{'i'})) {
>
> #print "About to create machine $userName:\n";
>
> if (!add_posix_machine
> ($userName,$userUidNumber,$userGidNumber,$Options{'t'})) {
> die "$0: error while adding posix account\n";
> }
>
> if (defined($Options{'i'})) {
> ...
> }
>
> $ldap_master->unbind;
> exit 0;
> }
>
> Should the add machine script set up the samba attributes? It seems a
> bit mad. Surely samba should be finding that the user exists but doesn't
> have the samba attributes and then it should modify the user? That's
> what the code in my original post appears to be trying to do...
>
> John
More information about the samba-technical
mailing list