I have tried to add an account using smbpasswd -a tims and I get the following error: rhea:/usr/src/samba/cvs# smbpasswd -L -a tims New SMB password: Retype new SMB password: Failed initialise SAM_ACCOUNT for user tims. Failed to modify password entry for user tims When I look through the debug info(smbpasswd -a tims -D 5) I see: rhea:/usr/src/samba/cvs# smbpasswd -a tims -D 5 Netbios name list:- my_netbios_names[0]="RHEA" New SMB password: Retype new SMB password: Trying to load: ldapsam:ldap://rhea.engr.arizona.edu Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to register passdb backend guest Successfully added passdb backend 'guest' Attempting to find an passdb backend to match ldapsam:ldap://rhea.engr.arizona.edu (ldapsam) Found pdb backend ldapsam Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=ENGR))] smbldap_search_suffix: searching for:[(&(objectClass=sambaDomain)(sambaDomainName=ENGR))] smbldap_open_connection: connection opened ldap_connect_system: succesful connection to the LDAP server The LDAP server is succesful connected pdb backend ldapsam:ldap://rhea.engr.arizona.edu has a valid init Attempting to find an passdb backend to match guest (guest) Found pdb backend guest pdb backend guest has a valid init smbldap_search_suffix: searching for:[(&(uid=tims)(objectclass=sambaSamAccount))] ldapsam_getsampwnam: Unable to locate user [tims] count=0 Finding user tims Trying _Get_Pwnam(), username as lowercase is tims Trying _Get_Pwnam(), username as uppercase is TIMS Checking combinations of 0 uppercase letters in tims Get_Pwnam_internals didn't find user [tims]! Failed initialise SAM_ACCOUNT for user tims. Failed to modify password entry for user tims When searching for tims, the objectClass=sambaSAMAccount does not exist in the ldap entry. "smbpasswd -a tims" should add the sambaSAMAccount objectClass to the existing entry (uid=tims,ou=people,dc=...). I have ldap-nss libraries installed and configured so "tims" is a valid user on the system(but not in the passwd file). (side note) I think the work the Samba Team has done is amazing! Thank you for all of your efforts! (/side note)
ok, I was slightly mistaken, you can add accounts but deleting them is not possible. I restarted my ldap server as well as nscd and I could add tims. This is because the system "saw" tims as an actual user. The problem still exists for deleting an entry. I get an LDAP error from the samba debug output: [... snipped ...] ldapsam_delete_entry: Could not delete attributes for uid=tims,ou=People,dc=engr,dc=arizona,dc=edu, error: Naming violation (naming attribute 'uid' is not present in entry) Failed to delete entry for user tims. Failed to modify password entry for user tims
To be a little more helpfull, when deleting information from an ldap entry, you only want to delete the information that needs to be deleted. For example, if an ldap entry has multiple objectClasses (EG: posixAccount + sambAccount) that share attributes, the attributes that do not exist in any of the other objectclasses should be deleted when removing the sambaAcccount object class. ___UID___ should not be deleted because it is essential to the posixAccount objectClass. Also, the dn of many entries look something like: uid=username,ou=People,dc=example,dc=com When the attribute uid is deleted, the error seen in the previoues email is seen.
bug is against 3.0
*** This bug has been marked as a duplicate of 726 ***
database cleanup