Hi Everyone I have installed FSD and console seems working fine: I can log, adding entries, etc. Following the Samba-Howto (http://people.redhat.com/astokes/samba_rhds.pdf) I encountered problems with net groupmap command: ____________________________________________________________________________ [root@fedorac4 setup]# net groupmap add rid=512 ntgroup="Domain Admins" unixgroup="Domain Admins" --debuglevel=10 [2005/07/19 12:09:44, 5] lib/debug.c:debug_dump_status(366) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 [2005/07/19 12:09:44, 3] param/loadparm.c:lp_load(3916) lp_load: refreshing parameters [2005/07/19 12:09:44, 3] param/loadparm.c:init_globals(1321) Initialising global parameters [2005/07/19 12:09:44, 3] param/params.c:pm_process(573) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2005/07/19 12:09:44, 3] param/loadparm.c:do_section(3418) Processing section "[global]" doing parameter workgroup = FEDORAC4 doing parameter username map = /etc/samba/smbusers doing parameter enable privileges = yes doing parameter server string = Samba Server %v doing parameter security = user doing parameter encrypt passwords = Yes doing parameter min passwd length = 3 [2005/07/19 12:09:44, 1] param/loadparm.c:lp_do_parameter(3159) WARNING: The "min passwd length" option is deprecated doing parameter obey pam restrictions = No doing parameter ldap passwd sync = Yes doing parameter passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u doing parameter ldap passwd sync = Yes doing parameter log level = 0 doing parameter syslog = 0 doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 100000 doing parameter time server = Yes doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 doing parameter mangling method = hash2 doing parameter Dos charset = 850 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UCS-2LE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UCS-2LE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-16LE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-16LE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UCS-2BE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UCS-2BE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-16BE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-16BE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF8 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF8 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-8 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-8 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset ASCII [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset ASCII [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset 646 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset 646 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset ISO-8859-1 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset ISO-8859-1 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UCS2-HEX [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UCS2-HEX [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE doing parameter Unix charset = ISO8859-1 [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE doing parameter logon script = logon.bat doing parameter logon drive = H: doing parameter logon home = doing parameter logon path = doing parameter domain logons = Yes doing parameter os level = 65 doing parameter preferred master = Yes doing parameter domain master = Yes doing parameter wins support = Yes doing parameter passdb backend = ldapsam:ldap://fedorac4.localdomain doing parameter ldap admin dn = cn=Directory Manager doing parameter ldap suffix = dc=localdomain doing parameter ldap group suffix = ou=Groups doing parameter ldap user suffix = ou=People doing parameter ldap machine suffix = ou=Computers doing parameter ldap idmap suffix = ou=Users doing parameter add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" doing parameter ldap delete dn = Yes doing parameter add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" doing parameter add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" doing parameter add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" doing parameter delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" doing parameter set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u" doing parameter printer admin = @"Print Operators" doing parameter load printers = Yes doing parameter create mask = 0640 doing parameter directory mask = 0750 doing parameter nt acl support = No doing parameter printing = cups doing parameter printcap name = cups doing parameter deadtime = 10 doing parameter guest account = nobody doing parameter map to guest = Bad User doing parameter dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd doing parameter show add printer wizard = yes doing parameter preserve case = yes doing parameter short preserve case = yes doing parameter case sensitive = no [2005/07/19 12:09:44, 4] param/loadparm.c:lp_load(3947) pm_process() returned Yes [2005/07/19 12:09:44, 7] param/loadparm.c:lp_servicenumber(4057) lp_servicenumber: couldn't find homes [2005/07/19 12:09:44, 10] param/loadparm.c:set_server_role(3865) set_server_role: role = ROLE_DOMAIN_PDC [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/util.c:init_names(278) Netbios name list:- my_netbios_names[0]="FEDORAC4" [2005/07/19 12:09:44, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.162 bcast=10.255.255.255 nmask=255.0.0.0 [2005/07/19 12:09:44, 10] intl/lang_tdb.c:lang_tdb_init(135) lang_tdb_init: /usr/lib/samba/it_IT.UTF-8.msg: No such file or directory Can't lookup UNIX group Domain Admins [2005/07/19 12:09:44, 2] utils/net.c:main(897) return code = -1 _________________________________________________________________________________
This is the global section of smb.conf I use: [global] workgroup = FEDORAC4 username map = /etc/samba/smbusers enable privileges = yes server string = Samba Server %v security = user encrypt passwords = Yes min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = logon.bat logon drive = H: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://fedorac4.localdomain ldap admin dn = cn=Directory Manager ldap suffix = dc=localdomain ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u" printer admin = @"Print Operators" load printers = Yes create mask = 0640 directory mask = 0750 nt acl support = No printing = cups printcap name = cups deadtime = 10 guest account = nobody map to guest = Bad User dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd show add printer wizard = yes preserve case = yes short preserve case = yes case sensitive = no ___________________________________________________________________________________
The problem seems to be Samba... Any idea? regards Leon
On Tue, 2005-07-19 at 12:35 +0200, Leonardo Pugliesi wrote:
Hi Everyone I have installed FSD and console seems working fine: I can log, adding entries, etc. Following the Samba-Howto (http://people.redhat.com/astokes/samba_rhds.pdf) I encountered problems with net groupmap command: ____________________________________________________________________________ [root@fedorac4 setup]# net groupmap add rid=512 ntgroup="Domain Admins" unixgroup="Domain Admins" --debuglevel=10 [2005/07/19 12:09:44, 5] lib/debug.c:debug_dump_status(366) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 [2005/07/19 12:09:44, 3] param/loadparm.c:lp_load(3916) lp_load: refreshing parameters [2005/07/19 12:09:44, 3] param/loadparm.c:init_globals(1321) Initialising global parameters [2005/07/19 12:09:44, 3] param/params.c:pm_process(573) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2005/07/19 12:09:44, 3] param/loadparm.c:do_section(3418) Processing section "[global]" doing parameter workgroup = FEDORAC4 doing parameter username map = /etc/samba/smbusers doing parameter enable privileges = yes doing parameter server string = Samba Server %v doing parameter security = user doing parameter encrypt passwords = Yes doing parameter min passwd length = 3 [2005/07/19 12:09:44, 1] param/loadparm.c:lp_do_parameter(3159) WARNING: The "min passwd length" option is deprecated doing parameter obey pam restrictions = No doing parameter ldap passwd sync = Yes doing parameter passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u doing parameter ldap passwd sync = Yes doing parameter log level = 0 doing parameter syslog = 0 doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 100000 doing parameter time server = Yes doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 doing parameter mangling method = hash2 doing parameter Dos charset = 850 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UCS-2LE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UCS-2LE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-16LE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-16LE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UCS-2BE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UCS-2BE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-16BE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-16BE [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF8 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF8 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UTF-8 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UTF-8 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset ASCII [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset ASCII [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset 646 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset 646 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset ISO-8859-1 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset ISO-8859-1 [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(103) Attempting to register new charset UCS2-HEX [2005/07/19 12:09:44, 5] lib/iconv.c:smb_register_charset(111) Registered charset UCS2-HEX [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE doing parameter Unix charset = ISO8859-1 [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE doing parameter logon script = logon.bat doing parameter logon drive = H: doing parameter logon home = doing parameter logon path = doing parameter domain logons = Yes doing parameter os level = 65 doing parameter preferred master = Yes doing parameter domain master = Yes doing parameter wins support = Yes doing parameter passdb backend = ldapsam:ldap://fedorac4.localdomain doing parameter ldap admin dn = cn=Directory Manager doing parameter ldap suffix = dc=localdomain doing parameter ldap group suffix = ou=Groups doing parameter ldap user suffix = ou=People doing parameter ldap machine suffix = ou=Computers doing parameter ldap idmap suffix = ou=Users doing parameter add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" doing parameter ldap delete dn = Yes doing parameter add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" doing parameter add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" doing parameter add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" doing parameter delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" doing parameter set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u" doing parameter printer admin = @"Print Operators" doing parameter load printers = Yes doing parameter create mask = 0640 doing parameter directory mask = 0750 doing parameter nt acl support = No doing parameter printing = cups doing parameter printcap name = cups doing parameter deadtime = 10 doing parameter guest account = nobody doing parameter map to guest = Bad User doing parameter dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd doing parameter show add printer wizard = yes doing parameter preserve case = yes doing parameter short preserve case = yes doing parameter case sensitive = no [2005/07/19 12:09:44, 4] param/loadparm.c:lp_load(3947) pm_process() returned Yes [2005/07/19 12:09:44, 7] param/loadparm.c:lp_servicenumber(4057) lp_servicenumber: couldn't find homes [2005/07/19 12:09:44, 10] param/loadparm.c:set_server_role(3865) set_server_role: role = ROLE_DOMAIN_PDC [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/charcnv.c:charset_name(81) Substituting charset 'UTF-8' for LOCALE [2005/07/19 12:09:44, 5] lib/util.c:init_names(278) Netbios name list:- my_netbios_names[0]="FEDORAC4" [2005/07/19 12:09:44, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.162 bcast=10.255.255.255 nmask=255.0.0.0 [2005/07/19 12:09:44, 10] intl/lang_tdb.c:lang_tdb_init(135) lang_tdb_init: /usr/lib/samba/it_IT.UTF-8.msg: No such file or directory Can't lookup UNIX group Domain Admins [2005/07/19 12:09:44, 2] utils/net.c:main(897) return code = -1 _________________________________________________________________________________
This is the global section of smb.conf I use: [global] workgroup = FEDORAC4 username map = /etc/samba/smbusers enable privileges = yes server string = Samba Server %v security = user encrypt passwords = Yes min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = logon.bat logon drive = H: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://fedorac4.localdomain ldap admin dn = cn=Directory Manager ldap suffix = dc=localdomain ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u" printer admin = @"Print Operators" load printers = Yes create mask = 0640 directory mask = 0750 nt acl support = No printing = cups printcap name = cups deadtime = 10 guest account = nobody map to guest = Bad User dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd show add printer wizard = yes preserve case = yes short preserve case = yes case sensitive = no ___________________________________________________________________________________
The problem seems to be Samba... Any idea? regards Leon
_ http://people.redhat.com/astokes/samba_rhds.pdf_
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
First thing, follow the article at http://directory.fedora.redhat.com/wiki/Howto:Samba I tend to keep that one closely updated as I find problems.
For this issue what is the output of :
ldapsearch -x -Z '(cn=Domain*)'
Thanks, Adam
Adam Stokes ha scritto:
First thing, follow the article at http://directory.fedora.redhat.com/wiki/Howto:Samba I tend to keep that one closely updated as I find problems.
For this issue what is the output of :
ldapsearch -x -Z '(cn=Domain*)'
Ok, I have read everything (html and pdf version)
ldapsearch result:
[root@fedorac4 fedora-ds]# ldapsearch -x -Z '(cn=Domain*)' ldap_start_tls: Protocol error (2) additional info: unsupported extended operation # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (cn=Domain*) # requesting: ALL #
# Domain Admins, Groups, localdomain dn: cn=Domain Admins,ou=Groups,dc=localdomain objectClass: posixGroup objectClass: top cn: Domain Admins gidNumber: 2512
# Domain Users, Groups, localdomain dn: cn=Domain Users,ou=Groups,dc=localdomain objectClass: posixGroup objectClass: top cn: Domain Users gidNumber: 2513
# Domain Guests, Groups, localdomain dn: cn=Domain Guests,ou=Groups,dc=localdomain objectClass: posixGroup objectClass: top cn: Domain Guests gidNumber: 2514
# Domain Computers, Groups, localdomain dn: cn=Domain Computers,ou=Groups,dc=localdomain objectClass: posixGroup objectClass: top cn: Domain Computers gidNumber: 2515
# search result search: 3 result: 0 Success
# numResponses: 5 # numEntries: 4
tsl_error is not important, I think Leon
On Tue, 2005-07-19 at 15:31 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
First thing, follow the article at http://directory.fedora.redhat.com/wiki/Howto:Samba I tend to keep that one closely updated as I find problems.
For this issue what is the output of :
ldapsearch -x -Z '(cn=Domain*)'
Ok, I have read everything (html and pdf version)
ldapsearch result:
[root@fedorac4 fedora-ds]# ldapsearch -x -Z '(cn=Domain*)' ldap_start_tls: Protocol error (2) additional info: unsupported extended operation # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (cn=Domain*) # requesting: ALL #
# Domain Admins, Groups, localdomain dn: cn=Domain Admins,ou=Groups,dc=localdomain objectClass: posixGroup objectClass: top cn: Domain Admins gidNumber: 2512
# Domain Users, Groups, localdomain dn: cn=Domain Users,ou=Groups,dc=localdomain objectClass: posixGroup objectClass: top cn: Domain Users gidNumber: 2513
# Domain Guests, Groups, localdomain dn: cn=Domain Guests,ou=Groups,dc=localdomain objectClass: posixGroup objectClass: top cn: Domain Guests gidNumber: 2514
# Domain Computers, Groups, localdomain dn: cn=Domain Computers,ou=Groups,dc=localdomain objectClass: posixGroup objectClass: top cn: Domain Computers gidNumber: 2515
# search result search: 3 result: 0 Success
# numResponses: 5 # numEntries: 4
tsl_error is not important, I think Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Ok I know what the problem is, its my fault :( when I was testing this I always run the following :
getent group
This should display Domain Admins:x:2512: Domain Users:x:2513: Domain Guests:x:2514: Domain Computers:x:2515:
So, if that doesn't display those groups after adding them to the ldap server run the following (on fedora)
authconfig
Configure user information to use LDAP, this will configure PAM correctly and then you should be able to proceed.
Ill get that added right away
Adam Stokes ha scritto:
Ok I know what the problem is, its my fault :( when I was testing this I always run the following :
getent group
This should display Domain Admins:x:2512: Domain Users:x:2513: Domain Guests:x:2514: Domain Computers:x:2515:
So, if that doesn't display those groups after adding them to the ldap server run the following (on fedora)
authconfig
Configure user information to use LDAP, this will configure PAM correctly and then you should be able to proceed.
Ill get that added right away
OK, now working... net groupmapping result: Successfully added group Domain Admins to the mapping db thanks a lot Leon
Leonardo Pugliesi ha scritto:
Adam Stokes ha scritto:
Ok I know what the problem is, its my fault :( when I was testing this I always run the following :
getent group
This should display Domain Admins:x:2512: Domain Users:x:2513: Domain Guests:x:2514: Domain Computers:x:2515:
So, if that doesn't display those groups after adding them to the ldap server run the following (on fedora)
authconfig
Configure user information to use LDAP, this will configure PAM correctly and then you should be able to proceed.
Ill get that added right away
OK, now working... net groupmapping result: Successfully added group Domain Admins to the mapping db thanks a lot Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
i managed to execute net groupmap add etc., but i have problems in the next step of how-to: i added the entry of "Administrator" as shown in the how-to but on smbpasswd -a Administrator i get the following error: ________________________________________________ [root@fedorac4 ~]# smbpasswd -a Administrator New SMB password: Retype new SMB password: ldapsam_modify_entry: Failed to add user dn= uid=Administrator,ou=People,dc=localdomain with: Already exists
ldapsam_add_sam_account: failed to modify/add user with uid = Administrator (dn = uid=Administrator,ou=People,dc=localdomain) Failed to add entry for user Administrator. Failed to modify password entry for user Administrator [root@fedorac4 ~]# ________________________________________________
the ldapsearch -x -Z shows the entry in this way: _____________________________________
# Administrator, People, localdomain dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin
# search result search: 3 result: 0 Success
# numResponses: 16 # numEntries: 15 [root@fedorac4 ~]# _____________________________________
some hints?
thank you Leon
On Wed, 2005-07-20 at 16:32 +0200, Leonardo Pugliesi wrote:
Leonardo Pugliesi ha scritto:
Adam Stokes ha scritto:
Ok I know what the problem is, its my fault :( when I was testing this I always run the following :
getent group
This should display Domain Admins:x:2512: Domain Users:x:2513: Domain Guests:x:2514: Domain Computers:x:2515:
So, if that doesn't display those groups after adding them to the ldap server run the following (on fedora)
authconfig
Configure user information to use LDAP, this will configure PAM correctly and then you should be able to proceed.
Ill get that added right away
OK, now working... net groupmapping result: Successfully added group Domain Admins to the mapping db thanks a lot Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
i managed to execute net groupmap add etc., but i have problems in the next step of how-to: i added the entry of "Administrator" as shown in the how-to but on smbpasswd -a Administrator i get the following error: ________________________________________________ [root@fedorac4 ~]# smbpasswd -a Administrator New SMB password: Retype new SMB password: ldapsam_modify_entry: Failed to add user dn= uid=Administrator,ou=People,dc=localdomain with: Already exists
ldapsam_add_sam_account: failed to modify/add user with uid = Administrator (dn = uid=Administrator,ou=People,dc=localdomain) Failed to add entry for user Administrator. Failed to modify password entry for user Administrator [root@fedorac4 ~]# ________________________________________________
the ldapsearch -x -Z shows the entry in this way: _____________________________________
# Administrator, People, localdomain dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin
# search result search: 3 result: 0 Success
# numResponses: 16 # numEntries: 15 [root@fedorac4 ~]# _____________________________________
some hints?
thank you Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Leon,
I think since you have an administrator account set already, do
smbpasswd Adminsitrator
the '-a' switch tells samba to add that user without it will just change the password and add the appropriate entries to directory server
Adam Stokes ha scritto:
On Wed, 2005-07-20 at 16:32 +0200, Leonardo Pugliesi wrote:
Leonardo Pugliesi ha scritto:
Adam Stokes ha scritto:
Ok I know what the problem is, its my fault :( when I was testing this I always run the following :
getent group
This should display Domain Admins:x:2512: Domain Users:x:2513: Domain Guests:x:2514: Domain Computers:x:2515:
So, if that doesn't display those groups after adding them to the ldap server run the following (on fedora)
authconfig
Configure user information to use LDAP, this will configure PAM correctly and then you should be able to proceed.
Ill get that added right away
OK, now working... net groupmapping result: Successfully added group Domain Admins to the mapping db thanks a lot Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
i managed to execute net groupmap add etc., but i have problems in the next step of how-to: i added the entry of "Administrator" as shown in the how-to but on smbpasswd -a Administrator i get the following error: ________________________________________________ [root@fedorac4 ~]# smbpasswd -a Administrator New SMB password: Retype new SMB password: ldapsam_modify_entry: Failed to add user dn= uid=Administrator,ou=People,dc=localdomain with: Already exists
ldapsam_add_sam_account: failed to modify/add user with uid = Administrator (dn = uid=Administrator,ou=People,dc=localdomain) Failed to add entry for user Administrator. Failed to modify password entry for user Administrator [root@fedorac4 ~]# ________________________________________________
the ldapsearch -x -Z shows the entry in this way: _____________________________________
# Administrator, People, localdomain dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin
# search result search: 3 result: 0 Success
# numResponses: 16 # numEntries: 15 [root@fedorac4 ~]# _____________________________________
some hints?
thank you Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Leon,
I think since you have an administrator account set already, do
smbpasswd Adminsitrator
the '-a' switch tells samba to add that user without it will just change the password and add the appropriate entries to directory server
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
if i use "smbpasswd Administrator" i get: _______________________________ [root@fedorac4 ~]# smbpasswd Administrator New SMB password: Retype new SMB password: Failed to find entry for user administrator. Failed to modify password entry for user administrator [root@fedorac4 ~]# _______________________________ so it seems that i can't add Administrator because the entry alredy exists, but i can't modify it because it doesn't exists..... am i missing something :-)
thanx
Leon,
I think since you have an administrator account set already, do
smbpasswd Adminsitrator
the '-a' switch tells samba to add that user without it will just change the password and add the appropriate entries to directory server
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
if i use "smbpasswd Administrator" i get: _______________________________ [root@fedorac4 ~]# smbpasswd Administrator New SMB password: Retype new SMB password: Failed to find entry for user administrator. Failed to modify password entry for user administrator [root@fedorac4 ~]# _______________________________ so it seems that i can't add Administrator because the entry alredy exists, but i can't modify it because it doesn't exists..... am i missing something :-)
thanx
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
What does your smb.conf look like? Also is there anything in the samba logs?
Adam Stokes ha scritto:
Leon,
I think since you have an administrator account set already, do
smbpasswd Adminsitrator
the '-a' switch tells samba to add that user without it will just change the password and add the appropriate entries to directory server
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
if i use "smbpasswd Administrator" i get: _______________________________ [root@fedorac4 ~]# smbpasswd Administrator New SMB password: Retype new SMB password: Failed to find entry for user administrator. Failed to modify password entry for user administrator [root@fedorac4 ~]# _______________________________ so it seems that i can't add Administrator because the entry alredy exists, but i can't modify it because it doesn't exists..... am i missing something :-)
thanx
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
What does your smb.conf look like? Also is there anything in the samba logs?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is smb.conf (global section):
[global] workgroup = FEDORAC4 username map = /etc/samba/smbusers enable privileges = yes server string = Samba Server %v security = user encrypt passwords = Yes min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes #unix password sync = Yes passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u #passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n" ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = logon.bat logon drive = H: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://fedorac4.localdomain #passdb backend = ldap:ldap://fedorac4.localdomain # passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.idealx.com" ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) ldap admin dn = cn=Directory Manager ldap suffix = dc=localdomain ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users #ldap ssl = start tls add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
samba logs is empty Leon
On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
Leon,
I think since you have an administrator account set already, do
smbpasswd Adminsitrator
the '-a' switch tells samba to add that user without it will just change the password and add the appropriate entries to directory server
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
if i use "smbpasswd Administrator" i get: _______________________________ [root@fedorac4 ~]# smbpasswd Administrator New SMB password: Retype new SMB password: Failed to find entry for user administrator. Failed to modify password entry for user administrator [root@fedorac4 ~]# _______________________________ so it seems that i can't add Administrator because the entry alredy exists, but i can't modify it because it doesn't exists..... am i missing something :-)
thanx
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
What does your smb.conf look like? Also is there anything in the samba logs?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is smb.conf (global section):
[global] workgroup = FEDORAC4 username map = /etc/samba/smbusers enable privileges = yes server string = Samba Server %v security = user encrypt passwords = Yes min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes #unix password sync = Yes passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u #passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n" ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = logon.bat logon drive = H: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://fedorac4.localdomain #passdb backend = ldap:ldap://fedorac4.localdomain # passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.idealx.com" ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) ldap admin dn = cn=Directory Manager ldap suffix = dc=localdomain ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users #ldap ssl = start tls add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
samba logs is empty Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Not sure at this point, looks like you are using idealx scripts for some of the administration maybe they created the admin account?
Adam Stokes ha scritto:
On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
Leon,
I think since you have an administrator account set already, do
smbpasswd Adminsitrator
the '-a' switch tells samba to add that user without it will just change the password and add the appropriate entries to directory server
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
if i use "smbpasswd Administrator" i get: _______________________________ [root@fedorac4 ~]# smbpasswd Administrator New SMB password: Retype new SMB password: Failed to find entry for user administrator. Failed to modify password entry for user administrator [root@fedorac4 ~]# _______________________________ so it seems that i can't add Administrator because the entry alredy exists, but i can't modify it because it doesn't exists..... am i missing something :-)
thanx
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
What does your smb.conf look like? Also is there anything in the samba logs?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is smb.conf (global section):
[global] workgroup = FEDORAC4 username map = /etc/samba/smbusers enable privileges = yes server string = Samba Server %v security = user encrypt passwords = Yes min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes #unix password sync = Yes passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u #passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n" ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = logon.bat logon drive = H: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://fedorac4.localdomain #passdb backend = ldap:ldap://fedorac4.localdomain # passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.idealx.com" ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) ldap admin dn = cn=Directory Manager ldap suffix = dc=localdomain ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users #ldap ssl = start tls add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
samba logs is empty Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Not sure at this point, looks like you are using idealx scripts for some of the administration maybe they created the admin account?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
the entry "Administrator.... " has been created with the ldif2ldap method, as shown in the how-to. the problem, in my opinion, is that if i use "smbldap-usershow Administrator" i get the right entry:
_____________________________ [root@fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow Administrator dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person,organizationalPerson,inetOrgPerson,posixAccount,top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU _____________________________
if i use "ldapsearch -x -Z '(uid=Administrator)' i get the right entry, i suppose the same entry found with the other command: ____________________ [root@fedorac4 ~]# ldapsearch -x -Z '(uid=Administrator)' ldap_start_tls: Protocol error (2) additional info: unsupported extended operation # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (uid=Administrator) # requesting: ALL #
# Administrator, People, localdomain dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin
# search result search: 3 result: 0 Success
# numResponses: 2 # numEntries: 1 [root@fedorac4 ~]# _________________________________________-
i suppose the two command give me the same entry because sghould be querying the same database......
if i use pdbedit -u Administrator i get _________________ [root@fedorac4 ~]# pdbedit -u Administrator Username not found! [root@fedorac4 ~]# _________________
so if only samba related commands seem not to work properly perhaps the problem is in samba configuration, but in the guides downloaded from the website i didn't found how to configure the part of the file for what concern the scripts of entries managemant such as adding users, machine, etc...... what should i do now?
bye leon
On Thu, 2005-07-21 at 15:44 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
Leon,
I think since you have an administrator account set already, do
smbpasswd Adminsitrator
the '-a' switch tells samba to add that user without it will just change the password and add the appropriate entries to directory server
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
if i use "smbpasswd Administrator" i get: _______________________________ [root@fedorac4 ~]# smbpasswd Administrator New SMB password: Retype new SMB password: Failed to find entry for user administrator. Failed to modify password entry for user administrator [root@fedorac4 ~]# _______________________________ so it seems that i can't add Administrator because the entry alredy exists, but i can't modify it because it doesn't exists..... am i missing something :-)
thanx
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
What does your smb.conf look like? Also is there anything in the samba logs?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is smb.conf (global section):
[global] workgroup = FEDORAC4 username map = /etc/samba/smbusers enable privileges = yes server string = Samba Server %v security = user encrypt passwords = Yes min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes #unix password sync = Yes passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u #passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n" ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = logon.bat logon drive = H: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://fedorac4.localdomain #passdb backend = ldap:ldap://fedorac4.localdomain # passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.idealx.com" ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) ldap admin dn = cn=Directory Manager ldap suffix = dc=localdomain ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users #ldap ssl = start tls add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
samba logs is empty Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Not sure at this point, looks like you are using idealx scripts for some of the administration maybe they created the admin account?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
the entry "Administrator.... " has been created with the ldif2ldap method, as shown in the how-to. the problem, in my opinion, is that if i use "smbldap-usershow Administrator" i get the right entry:
[root@fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow Administrator dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person,organizationalPerson,inetOrgPerson,posixAccount,top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU _____________________________
if i use "ldapsearch -x -Z '(uid=Administrator)' i get the right entry, i suppose the same entry found with the other command: ____________________ [root@fedorac4 ~]# ldapsearch -x -Z '(uid=Administrator)' ldap_start_tls: Protocol error (2) additional info: unsupported extended operation # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (uid=Administrator) # requesting: ALL #
# Administrator, People, localdomain dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin
# search result search: 3 result: 0 Success
# numResponses: 2 # numEntries: 1 [root@fedorac4 ~]# _________________________________________-
i suppose the two command give me the same entry because sghould be querying the same database......
if i use pdbedit -u Administrator i get _________________ [root@fedorac4 ~]# pdbedit -u Administrator Username not found! [root@fedorac4 ~]# _________________
so if only samba related commands seem not to work properly perhaps the problem is in samba configuration, but in the guides downloaded from the website i didn't found how to configure the part of the file for what concern the scripts of entries managemant such as adding users, machine, etc...... what should i do now?
bye leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is what the administrator entry should look like :
[root@directory alias]# ldapsearch -x -ZZ '(uid=administrator)' # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (uid=administrator) # requesting: ALL #
# Administrator, People, gsslab.rdu.redhat.com dn: uid=Administrator,ou=People,dc=gsslab,dc=rdu,dc=redhat,dc=com uid: Administrator cn: Samba Administrator objectClass: account objectClass: posixAccount objectClass: top objectClass: sambaSamAccount loginShell: /bin/bish uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Administrator sambaSID: S-1-5-21-1803520230-1543781662-649387223-1000 sambaPrimaryGroupSID: S-1-5-21-1803520230-1543781662-649387223-1001 displayName: Samba Administrator sambaPwdCanChange: 1120750967 sambaPwdMustChange: 2147483647 sambaLMPassword: CFA95C51F11AB11DC2265B23734E0DAC sambaNTPassword: B2D88A4A9B0DAEE170E75F67D54918F6 sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 00000000 sambaPwdLastSet: 1120750967 sambaAcctFlags: [U ]
# search result search: 3 result: 0 Success
# numResponses: 2 # numEntries: 1
So it looks like perhaps the administrator account needs the objectclass sambaSamAccount added to the entry manually then you should be able to proceed
Adam Stokes ha scritto:
On Thu, 2005-07-21 at 15:44 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
>Leon, > >I think since you have an administrator account set already, do > >smbpasswd Adminsitrator > >the '-a' switch tells samba to add that user without it will just change >the password and add the appropriate entries to directory server > >-- >Fedora-directory-users mailing list >Fedora-directory-users@redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > > > if i use "smbpasswd Administrator" i get: _______________________________ [root@fedorac4 ~]# smbpasswd Administrator New SMB password: Retype new SMB password: Failed to find entry for user administrator. Failed to modify password entry for user administrator [root@fedorac4 ~]# _______________________________ so it seems that i can't add Administrator because the entry alredy exists, but i can't modify it because it doesn't exists..... am i missing something :-)
thanx
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
What does your smb.conf look like? Also is there anything in the samba logs?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is smb.conf (global section):
[global] workgroup = FEDORAC4 username map = /etc/samba/smbusers enable privileges = yes server string = Samba Server %v security = user encrypt passwords = Yes min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes #unix password sync = Yes passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u #passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n" ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = logon.bat logon drive = H: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://fedorac4.localdomain #passdb backend = ldap:ldap://fedorac4.localdomain # passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.idealx.com" ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) ldap admin dn = cn=Directory Manager ldap suffix = dc=localdomain ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users #ldap ssl = start tls add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
samba logs is empty Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Not sure at this point, looks like you are using idealx scripts for some of the administration maybe they created the admin account?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
the entry "Administrator.... " has been created with the ldif2ldap method, as shown in the how-to. the problem, in my opinion, is that if i use "smbldap-usershow Administrator" i get the right entry:
[root@fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow Administrator dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person,organizationalPerson,inetOrgPerson,posixAccount,top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU _____________________________
if i use "ldapsearch -x -Z '(uid=Administrator)' i get the right entry, i suppose the same entry found with the other command: ____________________ [root@fedorac4 ~]# ldapsearch -x -Z '(uid=Administrator)' ldap_start_tls: Protocol error (2) additional info: unsupported extended operation # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (uid=Administrator) # requesting: ALL #
# Administrator, People, localdomain dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin
# search result search: 3 result: 0 Success
# numResponses: 2 # numEntries: 1 [root@fedorac4 ~]# _________________________________________-
i suppose the two command give me the same entry because sghould be querying the same database......
if i use pdbedit -u Administrator i get _________________ [root@fedorac4 ~]# pdbedit -u Administrator Username not found! [root@fedorac4 ~]# _________________
so if only samba related commands seem not to work properly perhaps the problem is in samba configuration, but in the guides downloaded from the website i didn't found how to configure the part of the file for what concern the scripts of entries managemant such as adding users, machine, etc...... what should i do now?
bye leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is what the administrator entry should look like :
[root@directory alias]# ldapsearch -x -ZZ '(uid=administrator)' # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (uid=administrator) # requesting: ALL #
# Administrator, People, gsslab.rdu.redhat.com dn: uid=Administrator,ou=People,dc=gsslab,dc=rdu,dc=redhat,dc=com uid: Administrator cn: Samba Administrator objectClass: account objectClass: posixAccount objectClass: top objectClass: sambaSamAccount loginShell: /bin/bish uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Administrator sambaSID: S-1-5-21-1803520230-1543781662-649387223-1000 sambaPrimaryGroupSID: S-1-5-21-1803520230-1543781662-649387223-1001 displayName: Samba Administrator sambaPwdCanChange: 1120750967 sambaPwdMustChange: 2147483647 sambaLMPassword: CFA95C51F11AB11DC2265B23734E0DAC sambaNTPassword: B2D88A4A9B0DAEE170E75F67D54918F6 sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 00000000 sambaPwdLastSet: 1120750967 sambaAcctFlags: [U ]
# search result search: 3 result: 0 Success
# numResponses: 2 # numEntries: 1
So it looks like perhaps the administrator account needs the objectclass sambaSamAccount added to the entry manually then you should be able to proceed
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
i removed all the references to smbldap-tools in the smb.conf and now things seems to work better... i beg your pardon for this mistake but i thought that samba would interact with ldap through that tools. now, for example, when i join a machine to the domain who is in charge of adding the correct entry in ldap database without smbladp-tools?
thanks, leon
On Thu, 2005-07-21 at 17:05 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
On Thu, 2005-07-21 at 15:44 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
>>Leon, >> >>I think since you have an administrator account set already, do >> >>smbpasswd Adminsitrator >> >>the '-a' switch tells samba to add that user without it will just change >>the password and add the appropriate entries to directory server >> >>-- >>Fedora-directory-users mailing list >>Fedora-directory-users@redhat.com >>https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> >> >> >> >> >> >> >> >if i use "smbpasswd Administrator" i get: >_______________________________ >[root@fedorac4 ~]# smbpasswd Administrator >New SMB password: >Retype new SMB password: >Failed to find entry for user administrator. >Failed to modify password entry for user administrator >[root@fedorac4 ~]# >_______________________________ >so it seems that i can't add Administrator because the entry alredy >exists, but i can't modify it because it doesn't exists..... >am i missing something :-) > >thanx > >-- >Fedora-directory-users mailing list >Fedora-directory-users@redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > What does your smb.conf look like? Also is there anything in the samba logs?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is smb.conf (global section):
[global] workgroup = FEDORAC4 username map = /etc/samba/smbusers enable privileges = yes server string = Samba Server %v security = user encrypt passwords = Yes min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes #unix password sync = Yes passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u #passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n" ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = logon.bat logon drive = H: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://fedorac4.localdomain #passdb backend = ldap:ldap://fedorac4.localdomain # passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.idealx.com" ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) ldap admin dn = cn=Directory Manager ldap suffix = dc=localdomain ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users #ldap ssl = start tls add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
samba logs is empty Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Not sure at this point, looks like you are using idealx scripts for some of the administration maybe they created the admin account?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
the entry "Administrator.... " has been created with the ldif2ldap method, as shown in the how-to. the problem, in my opinion, is that if i use "smbldap-usershow Administrator" i get the right entry:
[root@fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow Administrator dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person,organizationalPerson,inetOrgPerson,posixAccount,top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU _____________________________
if i use "ldapsearch -x -Z '(uid=Administrator)' i get the right entry, i suppose the same entry found with the other command: ____________________ [root@fedorac4 ~]# ldapsearch -x -Z '(uid=Administrator)' ldap_start_tls: Protocol error (2) additional info: unsupported extended operation # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (uid=Administrator) # requesting: ALL #
# Administrator, People, localdomain dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin
# search result search: 3 result: 0 Success
# numResponses: 2 # numEntries: 1 [root@fedorac4 ~]# _________________________________________-
i suppose the two command give me the same entry because sghould be querying the same database......
if i use pdbedit -u Administrator i get _________________ [root@fedorac4 ~]# pdbedit -u Administrator Username not found! [root@fedorac4 ~]# _________________
so if only samba related commands seem not to work properly perhaps the problem is in samba configuration, but in the guides downloaded from the website i didn't found how to configure the part of the file for what concern the scripts of entries managemant such as adding users, machine, etc...... what should i do now?
bye leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is what the administrator entry should look like :
[root@directory alias]# ldapsearch -x -ZZ '(uid=administrator)' # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (uid=administrator) # requesting: ALL #
# Administrator, People, gsslab.rdu.redhat.com dn: uid=Administrator,ou=People,dc=gsslab,dc=rdu,dc=redhat,dc=com uid: Administrator cn: Samba Administrator objectClass: account objectClass: posixAccount objectClass: top objectClass: sambaSamAccount loginShell: /bin/bish uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Administrator sambaSID: S-1-5-21-1803520230-1543781662-649387223-1000 sambaPrimaryGroupSID: S-1-5-21-1803520230-1543781662-649387223-1001 displayName: Samba Administrator sambaPwdCanChange: 1120750967 sambaPwdMustChange: 2147483647 sambaLMPassword: CFA95C51F11AB11DC2265B23734E0DAC sambaNTPassword: B2D88A4A9B0DAEE170E75F67D54918F6 sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 00000000 sambaPwdLastSet: 1120750967 sambaAcctFlags: [U ]
# search result search: 3 result: 0 Success
# numResponses: 2 # numEntries: 1
So it looks like perhaps the administrator account needs the objectclass sambaSamAccount added to the entry manually then you should be able to proceed
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
i removed all the references to smbldap-tools in the smb.conf and now things seems to work better... i beg your pardon for this mistake but i thought that samba would interact with ldap through that tools. now, for example, when i join a machine to the domain who is in charge of adding the correct entry in ldap database without smbladp-tools?
thanks, leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Unfortunately, it has to be done manually without the proper ldap tools.. I haven't gotten that far in testing just a preliminary how-to for this.
IDEALX scripts do work with openldap again I haven't tested with FDS. My suggestion to you or someone who is good in C is to write a plugin for FDS probably a Pre-operation plugin to allow for the adding/removing of entries in the FDS db.
More information on plugins can be found : http://directory.fedora.redhat.com/wiki/Plugins
Sorry I couldn't be of further assistance
thanks
Adam Stokes ha scritto:
On Thu, 2005-07-21 at 17:05 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
On Thu, 2005-07-21 at 15:44 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
Adam Stokes ha scritto:
>>>Leon, >>> >>>I think since you have an administrator account set already, do >>> >>>smbpasswd Adminsitrator >>> >>>the '-a' switch tells samba to add that user without it will just change >>>the password and add the appropriate entries to directory server >>> >>>-- >>>Fedora-directory-users mailing list >>>Fedora-directory-users@redhat.com >>>https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>if i use "smbpasswd Administrator" i get: >>_______________________________ >>[root@fedorac4 ~]# smbpasswd Administrator >>New SMB password: >>Retype new SMB password: >>Failed to find entry for user administrator. >>Failed to modify password entry for user administrator >>[root@fedorac4 ~]# >>_______________________________ >>so it seems that i can't add Administrator because the entry alredy >>exists, but i can't modify it because it doesn't exists..... >>am i missing something :-) >> >>thanx >> >>-- >>Fedora-directory-users mailing list >>Fedora-directory-users@redhat.com >>https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> >> >> >> >> >> >> >What does your smb.conf look like? Also is there anything in the samba >logs? > >-- >Fedora-directory-users mailing list >Fedora-directory-users@redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > > > This is smb.conf (global section):
[global] workgroup = FEDORAC4 username map = /etc/samba/smbusers enable privileges = yes server string = Samba Server %v security = user encrypt passwords = Yes min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes #unix password sync = Yes passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u #passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n" ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = logon.bat logon drive = H: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://fedorac4.localdomain #passdb backend = ldap:ldap://fedorac4.localdomain # passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.idealx.com" ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) ldap admin dn = cn=Directory Manager ldap suffix = dc=localdomain ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users #ldap ssl = start tls add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
samba logs is empty Leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Not sure at this point, looks like you are using idealx scripts for some of the administration maybe they created the admin account?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
the entry "Administrator.... " has been created with the ldif2ldap method, as shown in the how-to. the problem, in my opinion, is that if i use "smbldap-usershow Administrator" i get the right entry:
[root@fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow Administrator dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person,organizationalPerson,inetOrgPerson,posixAccount,top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU _____________________________
if i use "ldapsearch -x -Z '(uid=Administrator)' i get the right entry, i suppose the same entry found with the other command: ____________________ [root@fedorac4 ~]# ldapsearch -x -Z '(uid=Administrator)' ldap_start_tls: Protocol error (2) additional info: unsupported extended operation # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (uid=Administrator) # requesting: ALL #
# Administrator, People, localdomain dn: uid=Administrator,ou=People,dc=localdomain uid: Administrator cn: Samba Admin givenName: Samba sn: Admin mail: Administrator@localdomain objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top loginShell: /bin/bash uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Admin
# search result search: 3 result: 0 Success
# numResponses: 2 # numEntries: 1 [root@fedorac4 ~]# _________________________________________-
i suppose the two command give me the same entry because sghould be querying the same database......
if i use pdbedit -u Administrator i get _________________ [root@fedorac4 ~]# pdbedit -u Administrator Username not found! [root@fedorac4 ~]# _________________
so if only samba related commands seem not to work properly perhaps the problem is in samba configuration, but in the guides downloaded from the website i didn't found how to configure the part of the file for what concern the scripts of entries managemant such as adding users, machine, etc...... what should i do now?
bye leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
This is what the administrator entry should look like :
[root@directory alias]# ldapsearch -x -ZZ '(uid=administrator)' # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (uid=administrator) # requesting: ALL #
# Administrator, People, gsslab.rdu.redhat.com dn: uid=Administrator,ou=People,dc=gsslab,dc=rdu,dc=redhat,dc=com uid: Administrator cn: Samba Administrator objectClass: account objectClass: posixAccount objectClass: top objectClass: sambaSamAccount loginShell: /bin/bish uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Samba Administrator sambaSID: S-1-5-21-1803520230-1543781662-649387223-1000 sambaPrimaryGroupSID: S-1-5-21-1803520230-1543781662-649387223-1001 displayName: Samba Administrator sambaPwdCanChange: 1120750967 sambaPwdMustChange: 2147483647 sambaLMPassword: CFA95C51F11AB11DC2265B23734E0DAC sambaNTPassword: B2D88A4A9B0DAEE170E75F67D54918F6 sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 00000000 sambaPwdLastSet: 1120750967 sambaAcctFlags: [U ]
# search result search: 3 result: 0 Success
# numResponses: 2 # numEntries: 1
So it looks like perhaps the administrator account needs the objectclass sambaSamAccount added to the entry manually then you should be able to proceed
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
i removed all the references to smbldap-tools in the smb.conf and now things seems to work better... i beg your pardon for this mistake but i thought that samba would interact with ldap through that tools. now, for example, when i join a machine to the domain who is in charge of adding the correct entry in ldap database without smbladp-tools?
thanks, leon
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Unfortunately, it has to be done manually without the proper ldap tools.. I haven't gotten that far in testing just a preliminary how-to for this.
IDEALX scripts do work with openldap again I haven't tested with FDS. My suggestion to you or someone who is good in C is to write a plugin for FDS probably a Pre-operation plugin to allow for the adding/removing of entries in the FDS db.
More information on plugins can be found : http://directory.fedora.redhat.com/wiki/Plugins
Sorry I couldn't be of further assistance
thanks
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
now i have to users configured in ldap: testuser and admnistrator (as u do in the how-to) when i try to enter in a samba share with testuser i have no problems but if i use administrator and its password i can't enter, is this normal?
thanx, leon
Help how to insert computers in domain? in your how-to you explained how to insert groups and users entries into ldap, how about machine account? whitout them we can't let clients joining the domain! any suggestions?
thanx leon
389-users@lists.fedoraproject.org