Hi * I'm running Samba with an OpenLDAP backend. PCS1:~ # smbclient -V Version 3.0.21c-SerNet-SuSE The problem arrise when a new workstation is created: 1. using smbldap-useradd -w pcsxp1 this creates the DN is the expected place. But this DN has no sambaSamAcccount objectclass. The ppl from IDEALIX say that these will be created by samba. But Samba can not find the account without the sambaSamAccount objectclass. 2. using pdbedit -a -m pcsxp1 this fails with the error ldapsam_modify_entry: Failed to add user dn= uid=pcsxp1$,ou=machines,dc=c-schaub,dc=de with: Object class violation object class 'sambaSamAccount' requires attribute 'sambaSID' ldapsam_add_sam_account: failed to modify/add user with uid = pcsxp1$ (dn = uid=pcsxp1$,ou=machines,dc=c-schaub,dc=de) Unable to add machine! (does it already exist?) one prog should definetly set the 'sambaSID'. IMHO pdbedit should do. Carsten Schaub
Created attachment 1828 [details] Output of pdbedit -d 15 -a -m pcsxp1
After discussion with vl it leads to a misunderstanding of my ldap setup. I wanted to have machine accounts only be as sambaSamAccount without the need of unix accounts. But this is not desirable. It works if you create a unix uid which can be resolved by getpwent(). Actually it was a simple change to my ldap.conf to search the whole subtree.