I have a problem that is about to drive me crazy. I migrated the
domain from tdbsam to ldapsam a couple of weeks ago. Everything seemed
to work fine and the transition was seamless for existing users and
computers.
Now I need to add a new computer to the domain and the following
happens:
When joining from the Windows client, the entry gets created in
LDAP, but something is missing. There are no Samba object classes.
Windows gives the error message, "Fant ikke brukernavnet", which
means "No such user". So fun with Norwegian software. It makes it SO
easy for a sysadmin to search for error messages on the web. *sigh*
The LDAP part of my smb.conf looks like this:
-------
passdb backend = ldapsam:ldap://ldapserver.company.com/
ldap admin dn = cn=Manager,dc=company,dc=com
ldap suffix = dc=company,dc=com
ldap passwd sync = Yes
ldap group suffix = ou=Groups
ldap user suffix = ou=Usergroup
ldap machine suffix = ou=Computers
add user script = /usr/sbin/smbldap-useradd -m %u
ldap delete dn = Yes
add machine script = /usr/sbin/smbldap-useradd -t 5 -a -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
-------
/etc/smbldap-tools/smbldap.conf excerpt:
-------
SID=<samba sid of my domain>
sambaDomain="SCALI"
masterLDAP="111.222.333.444"
masterPort="389"
suffix="dc=company,dc=com"
usersdn="ou=Usergroup,dc=compay,dc=com"
computersdn="ou=Computers,dc=company,dc=com"
groupsdn="ou=Groups,dc=company,dc=com"
sambaUnixIdPooldn="sambaDomainName=COMPANY,dc=company,dc=com"
scope="sub"
hash_encrypt="SSHA"
crypt_salt_format="%s"
userLoginShell="/bin/bash"
userHome="/home/%U"
userHomeDirectoryMode="700"
userGecos="System User"
defaultUserGid="513"
defaultComputerGid="515"
skeletonDir="/etc/skel"
defaultMaxPasswordAge="45"
userSmbHome="\\samba\%U"
userProfile="\\samba\%U"
userHomeDrive="Z:"
userScript="logon.bat"
mailDomain="company.com"
with_smbpasswd="1"
smbpasswd="/usr/bin/smbpasswd"
with_slappasswd="0"
slappasswd="/usr/sbin/slappasswd"
-----
After having tried to join the computer to the domain, the entry in
LDAP (fetched from slapcat) looks like this:
-----
dn: uid=winclient$,ou=Computers,dc=company,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
cn: winclient$
sn: winclient$
uid: winclient$
uidNumber: 1029
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
structuralObjectClass: inetOrgPerson
entryUUID: 7e71ea9a-bd5d-1029-8787-cf9e3f34438d
creatorsName: cn=Manager,dc=company,dc=com
createTimestamp: 20050919133157Z
entryCSN: 20050919133157Z#000002#00#000000
modifiersName: cn=Manager,dc=company,dc=com
modifyTimestamp: 20050919133157Z
-----
Can anyone please help me? I need to join clients to my domain.
--
Rolf Arne Schulze
My weblog:
http://rolfas.net/
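
Added example, not part of the original post: a small check that scans slapcat/LDIF output for machine accounts created without the Samba account class, which is the symptom shown in the entry above. It assumes the Samba 3 schema class name sambaSamAccount; the function names and the second sample entry (oldclient$) are constructed for illustration.

```python
# Added example: flag machine accounts in slapcat output that lack the
# Samba account objectClass. SAMPLE_LDIF is constructed from the post.
REQUIRED_CLASS = "sambasamaccount"  # assumed: Samba 3 schema class name

SAMPLE_LDIF = """\
dn: uid=winclient$,ou=Computers,dc=company,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
uid: winclient$

dn: uid=oldclient$,ou=Computers,dc=company,dc=com
objectClass: posixAccount
objectClass: sambaSamAccount
uid: oldclient$
"""

def parse_ldif(text):
    """Yield one dict per entry: lower-cased attribute -> list of values."""
    entry, last = {}, None
    for line in text.splitlines() + [""]:
        if line.startswith("#"):               # LDIF comment
            continue
        if line.startswith(" ") and last:      # folded continuation line
            entry[last][-1] += line[1:]
            continue
        if not line.strip():                   # blank line ends an entry
            if entry:
                yield entry
            entry, last = {}, None
            continue
        attr, _, value = line.partition(":")
        last = attr.strip().lower()
        entry.setdefault(last, []).append(value.strip())

def incomplete_machine_accounts(text, machine_suffix):
    """Return DNs under machine_suffix whose uid ends in '$' but which
    carry no sambaSamAccount objectClass."""
    bad = []
    for e in parse_ldif(text):
        dn = e.get("dn", [""])[0]
        is_machine = any(u.endswith("$") for u in e.get("uid", []))
        classes = {c.lower() for c in e.get("objectclass", [])}
        in_scope = dn.lower().endswith(machine_suffix.lower())
        if is_machine and in_scope and REQUIRED_CLASS not in classes:
            bad.append(dn)
    return bad

if __name__ == "__main__":
    print(incomplete_machine_accounts(SAMPLE_LDIF, "ou=Computers,dc=company,dc=com"))
```

Base64-encoded values (attr:: value) are not decoded here, which is sufficient for the dn, uid and objectClass attributes in the entry shown.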