Bug 969 - Fail to add machine to domain, ldap backend.
Summary: Fail to add machine to domain, ldap backend.
Status: CLOSED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control (show other bugs)
Version: 3.0.1
Hardware: Other Linux
: P3 normal
Target Milestone: none
Assignee: Gerald (Jerry) Carter (dead mail address)
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-01-14 02:08 UTC by Bambang Budiharto
Modified: 2005-08-24 10:25 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Bambang Budiharto 2004-01-14 02:08:53 UTC
Server : Samba 3.0.1 / Redhat Linux 9.0
Client : Win2000 SP3

When trying to join W2K machine to domain, it always give error : 
Logon failure: "unknown username or bad password" in client.

From server side, it seems samba trying to *add* same entry(dn) in ldap instead
of *modifying* entry.

In /var/log/samba/tbird.log :
....
[2004/01/14 16:58:00, 3] rpc_server/srv_samr_nt.c:_samr_create_user(2229)
  _samr_create_user: Running the command `/usr/local/sbin/irs-addmachine.pl
tbird$' gave 0
....
[2004/01/14 16:58:00, 2] lib/smbldap.c:smbldap_search_suffix(1068)
  smbldap_search_suffix: searching
for:[(&(uid=tbird$)(objectclass=sambaSamAccount))]
[2004/01/14 16:58:00, 2] lib/smbldap.c:smbldap_search_suffix(1068)
  smbldap_search_suffix: searching
for:[(&(sambaSID=S-1-5-21-48631949-2054298982-1082013118-2102)(|(objectClass=sambaIdmapEntry)(objectClass=sambaSidEntry)))]
[2004/01/14 16:58:00, 3] passdb/pdb_ldap.c:ldapsam_add_sam_account(1575)
  ldapsam_add_sam_account: Adding new user
[2004/01/14 16:58:00, 2] passdb/pdb_ldap.c:init_ldap_from_sam(769)
  init_ldap_from_sam: Setting entry for user: tbird$
[2004/01/14 16:58:00, 1] passdb/pdb_ldap.c:ldapsam_modify_entry(1203)
  ldapsam_modify_entry: Failed to add user dn=
uid=tbird$,ou=people,dc=indorama,dc=com with: Already exists

[2004/01/14 16:58:00, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1614)
  ldapsam_add_sam_account: failed to modify/add user with uid = tbird$ (dn =
uid=tbird$,ou=people,dc=indorama,dc=com)
[2004/01/14 16:58:00, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2251)
  could not add user/computer tbird$ to passdb.  Check permissions?

---<cut>----

The add machine script produce this entry:

[root@potato samba]# ldapsearch -x -LLL uid=tbird$
dn: uid=tbird$,ou=people,dc=indorama,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
uid: tbird$
cn: tbird$
sn: tbird$
uidNumber: 551
gidNumber: 551
homeDirectory: /dev/null
loginShell: /bin/false
description: TBIRD
Comment 1 Bambang Budiharto 2004-01-14 02:14:18 UTC
Forgot to add ldap.log :

This was produce by add machine script :
----------------------------------------------------------

Jan 14 16:58:00 potato slapd[7072]: conn=29 op=2 ADD
dn="uid=tbird$,ou=people,dc=indorama,dc=com"
Jan 14 16:58:00 potato slapd[7072]: conn=29 op=2 RESULT tag=105 err=0 text=
Jan 14 16:58:00 potato slapd[7072]: conn=29 op=3 UNBIND
Jan 14 16:58:00 potato slapd[7072]: conn=29 fd=22 closed
Jan 14 16:58:00 potato slapd[7072]: conn=30 fd=23 closed
Jan 14 16:58:00 potato slapd[7072]: conn=28 op=8 SRCH base="dc=indorama,dc=com"
scope=2 filter="(&(objectClass=posixAccount)(uid=tbird$))"
....

And samba try to ADD same DN :
-----------------------------------------------------------------------------

Jan 14 16:58:00 potato slapd[7072]: conn=27 op=10 ADD
dn="uid=tbird$,ou=people,dc=indorama,dc=com"
Jan 14 16:58:00 potato slapd[7072]: conn=27 op=10 RESULT tag=105 err=68 text=

Comment 2 Gerald (Jerry) Carter (dead mail address) 2004-02-10 14:05:15 UTC
Is there a trick to reproduce this?   It works fine for me.
Comment 3 Bambang Budiharto 2004-02-13 22:19:02 UTC
No trick at all. It always reproducable. However it was 'fix' in 3.0.2rc1.
Comment 4 Gerald (Jerry) Carter (dead mail address) 2004-03-05 10:39:57 UTC
reporter says fixed in 3.0.2rc1.
Comment 5 Gerald (Jerry) Carter (dead mail address) 2005-08-24 10:25:15 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.