[Fedora-directory-users] can't lookup UNIX group Domain Admins

Sat Dec 16 06:24:17 UTC 2006

>> On Fri, 2006-12-15 at 16:35 -0800, listman wrote:
>>> Can some one please point me in the right direction to fix this? Iâ€™ve
>>> searched samba group and the only thing I can find is something about
>>> having the right scripts but they donâ€™t tell you where to get them or
>>> how
>>> to run them.
>>> Any help would be greatly appreciated.
>> ----
>> sounds like you are looking for smbldap-tools from idealx
>>
>> Perhaps you are using packaging from a distribution that offers these
>> tools or start here if that is indeed what you are looking for...
>>
>> http://sourceforge.net/projects/smbldap-tools
>>
>> Craig
>>
> Thanks Craig
> That does explain the scripts that I read about but it's not helping my
> problem any.
> I'm going through the samba doc on the FDS site and keep running into
> problems here and no one seems to know the answer. I have installed
> everything I need, configurd samba, ldap, bind, and everything else
> refrenced from the FDS site. I'm missing something thats isn't covered on
> the site but I dont know enough to figure out what it is. Heres my
> smb.conf file if that helps any..
>
> [global]
> workgroup = DEPFYFFER
> security = user
> passdb backend = ldapsam:ldap://depfyffer.com
> ldap admin dn = cn=Directory Manager
> ldap suffix = dc=depfyffer,dc=com
> ldap user suffix = ou=People
> ldap machine suffix = ou=Computers
> ldap group suffix = ou=Groups
>
> add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
> add user script = /usr/local/sbin/smbldap-useradd -m "%u"
> ldap delete dn = Yes
> #delete user script = /usr/local/sbin/smbldap-userdel "%u"
> add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
> #delete group script = /usr/local/sbin/smbldap-groupdel "%g"
> add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
> delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u"
> "%g"
> set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
> add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
>
> log file = /var/log/%m.log
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>
> os level = 33
> domain logons = yes
> domain master = yes
> local master = yes
> preferred master = yes
>
> wins support = yes
>
> logon home = \\%L\%u\profiles
> logon path = \\%L\profiles\%u
> logon drive = H:
>
> template shell = /bin/false
> winbind use default domain = no
>
> [netlogon]
> path = /var/lib/samba/netlogon
> read only = yes
> browsable = no
>
> [profiles]
> path = /var/lib/samba/profiles
> read only = no
> create mask = 0600
> directory mask = 0700
>
> [homes]
> browsable = no
> writable = yes
>

This may help also??

[root at depfyffer log]# smbpasswd -D 10 -a -m
Netbios name list:-
my_netbios_names[0]="DEPFYFFER"
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend ldapsam_compat
Successfully added passdb backend 'ldapsam_compat'
Attempting to register passdb backend NDS_ldapsam
Successfully added passdb backend 'NDS_ldapsam'
Attempting to register passdb backend NDS_ldapsam_compat
Successfully added passdb backend 'NDS_ldapsam_compat'
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to find an passdb backend to match ldapsam:ldap://depfyffer.com
(ldapsam)
Found pdb backend ldapsam
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=DEPFYFFER))]
smbldap_search_ext: base => [dc=depfyffer,dc=com], filter =>
[(&(objectClass=sambaDomain)(sambaDomainName=DEPFYFFER))], scope => [2]
The connection to the LDAP server was closed
smb_ldap_setup_connection: ldap://depfyffer.com
smbldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server ldap://depfyffer.com as
"cn=Directory Manager"
ldap_connect_system: succesful connection to the LDAP server
ldap_connect_system: LDAP server does not support paged results
The LDAP server is succesfully connected
smbldap_get_single_attribute: [sambaAlgorithmicRidBase] = [<does not exist>]
pdb backend ldapsam:ldap://depfyffer.com has a valid init
smbldap_search_ext: base => [dc=depfyffer,dc=com], filter =>
[(&(uid=root$)(objectclass=sambaSamAccount))], scope => [2]
ldapsam_getsampwnam: Unable to locate user [root$] count=0
Failed to modify password entry for user root$