[K12OSN] sambaSamAccount SOLVED

Peter Hartmann ascensiontech at gmail.com
Wed Apr 16 01:42:33 UTC 2008 

I got suspicious  when this problem  (missing sambasamaccount for
newly created machine accounts) happened again on another smbldap
server.  I'm not sure it the smbldap-installer omitted this or I did,
but this addition to /etc/ldap.conf did the trick for me:

nss_base_passwd ou=Computers,dc=domain,dc=org?one

I thought that this wasn't needed because the machine accounts were
stored in the Users container.  guess not.


Peter



On Mon, Mar 3, 2008 at 12:48 PM, Craig White <craig at tobyhouse.com> wrote:
>
>
>  On Sun, 2008-03-02 at 22:36 -0500, Peter Hartmann wrote:
>  > I'm testing out the smblap installer on Centos 5 with Brian Chivers
>  > suggestions.  It all looks great except that I can't actually join the
>  > darn thing.  smbldap-useradd -w COMPY      doesn't add in the
>  > sambaSamAccount stuff into ldap.
>  >
>  > dn: uid=COMPY$,ou=Computers,dc=company,dc=org
>  > objectClass: top
>  > objectClass: account
>  > objectClass: posixAccount
>  > cn: COMPY$
>  > uid: COMPY$
>  > uidNumber: 10012
>  > gidNumber: 515
>  > homeDirectory: /dev/null
>  > loginShell: /bin/false
>  > description: Computer
>  > gecos: Computer
>  > structuralObjectClass: account
>  > entryUUID: 2f88fc52-7d18-102c-8ca6-573e9fbcce47
>  > creatorsName: cn=Manager,dc=comapny,dc=org
>  > createTimestamp: 20080303024928Z
>  > entryCSN: 20080303024928Z#000000#00#000000
>  > modifiersName: cn=Manager,dc=company,dc=org
>  > modifyTimestamp: 20080303024928Z
>  >
>  > Mind you it does get in for user accounts.  I've tried smbdap-tools
>  > 8.6, 9.1,  9.4 even.
>  >
>  > Any advice on this.... I've googled my brains out.
>  ----
>  definitely not working...
>
>  It should be adding objectclass: sambaSamAccount
>  and attributes for...
>  sambaSID sambaPrimaryGroupSID displayName sambaPwdMustChange
>  sambaAcctFlags sambaPwdCanChange sambaNTPassword  sambaPwdLastSet
>
>  Have you set all of the values in smbldap_conf ?
>
>  Have you set values in LDAP for 'sambaDomainName' and 'Idmap' ?
>
>  Craig
>
>  Craig
>
>
>
>  _______________________________________________
>  K12OSN mailing list
>  K12OSN at redhat.com
>  https://www.redhat.com/mailman/listinfo/k12osn
>  For more info see <http://www.k12os.org>
>

More information about the K12OSN mailing list