Config: http://dmarkey.com/~dmarkey/samba3.4pre1/smbpasswd/smb.conf debian5:/var/log# net rpc user add david2 password -U administrator%password Failed to add user 'david2' with: WERR_GENERAL_FAILURE. log: http://dmarkey.com/~dmarkey/samba3.4pre1/net/samba-WERR_GENERAL_FAILURE debian5:/var/log# net rpc user add david2 password -U administrator%password Failed to add user 'david2' with: DOS code 0x0000051c. log: http://dmarkey.com/~dmarkey/samba3.4pre1/net/samba-DOS debian5:/var/log# net rpc user add david2 password -U administrator%password Failed to add user 'david2' with: DOS code 0x00000026. debian5:/var/log# net rpc user add david2 password -U administrator%password Failed to add user 'david2' with: User already exists. log: http://dmarkey.com/~dmarkey/samba3.4pre1/net/samba-success At this point the user gets added : debian5:/var/log# getent passwd david2 david2:*:1000008:1000002:david2:/home/SAMBATEST/david2:/bin/false
Ok, there is a crash bug in smbd (patch to follow) and then you have this problem in your LDAP server: [2009/05/05 17:13:10, 5] lib/smbldap.c:1205(smbldap_search_ext) smbldap_search_ext: base => [dc=samba,dc=org], filter => [(&(sambaSid=S-1-5-21-3658353372-1529503655-518646015-513)(|(objectClass=sambaGroupMapping)(objectClass=sambaSamAccount)))], scope => [2] [2009/05/05 17:13:10, 10] passdb/pdb_ldap.c:4894(ldapsam_sid_to_id) Got 2 entries, expected one
(In reply to comment #1) > Ok, there is a crash bug in smbd (patch to follow) The patch has been pushed to git repositories and is available also in bug #6314.
(In reply to comment #2) > (In reply to comment #1) > > Ok, there is a crash bug in smbd (patch to follow) > > The patch has been pushed to git repositories and is available also in bug > #6314. bug #6313 that is.
I'm still getting inconsistency with this. If I try to use the Administrator user, 10% of attempts succeed. When I grant the administrator full rights it succeeds 100%. When the Administrstor doesnt have the rights granted, there should be consistent results, one way or the other.
David, any news on this ?
Its fixed in master, and 3.4-test. The way it works now is that administrator has to be explicitly given SeAddUsersPrivilege, in order to be able to add users.
This has been resolved for 3.4 Thanks so much for testing!