[Fedora-directory-users] Samba and FDS 7.1 on Fedora Core 4 Error
Leonardo Pugliesi
l.pugliesi at exint.it
Thu Jul 21 13:44:16 UTC 2005
Adam Stokes ha scritto:
>On Thu, 2005-07-21 at 10:36 +0200, Leonardo Pugliesi wrote:
>
>
>>Adam Stokes ha scritto:
>>
>>
>>
>>>>>Leon,
>>>>>
>>>>>I think since you have an administrator account set already, do
>>>>>
>>>>>smbpasswd Adminsitrator
>>>>>
>>>>>the '-a' switch tells samba to add that user without it will just change
>>>>>the password and add the appropriate entries to directory server
>>>>>
>>>>>--
>>>>>Fedora-directory-users mailing list
>>>>>Fedora-directory-users at redhat.com
>>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>if i use "smbpasswd Administrator" i get:
>>>>_______________________________
>>>>[root at fedorac4 ~]# smbpasswd Administrator
>>>>New SMB password:
>>>>Retype new SMB password:
>>>>Failed to find entry for user administrator.
>>>>Failed to modify password entry for user administrator
>>>>[root at fedorac4 ~]#
>>>>_______________________________
>>>>so it seems that i can't add Administrator because the entry alredy
>>>>exists, but i can't modify it because it doesn't exists.....
>>>>am i missing something :-)
>>>>
>>>>thanx
>>>>
>>>>--
>>>>Fedora-directory-users mailing list
>>>>Fedora-directory-users at redhat.com
>>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>
>>>>
>>>>
>>>>
>>>What does your smb.conf look like? Also is there anything in the samba
>>>logs?
>>>
>>>--
>>>Fedora-directory-users mailing list
>>>Fedora-directory-users at redhat.com
>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>>
>>>
>>>
>>>
>>This is smb.conf (global section):
>>
>>[global]
>> workgroup = FEDORAC4
>> username map = /etc/samba/smbusers
>> enable privileges = yes
>> server string = Samba Server %v
>> security = user
>> encrypt passwords = Yes
>> min passwd length = 3
>> obey pam restrictions = No
>> ldap passwd sync = Yes
>> #unix password sync = Yes
>> passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
>> #passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new password*" %n\n"
>> ldap passwd sync = Yes
>> log level = 0
>> syslog = 0
>> log file = /var/log/samba/log.%m
>> max log size = 100000
>> time server = Yes
>> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>> mangling method = hash2
>> Dos charset = 850
>> Unix charset = ISO8859-1
>> logon script = logon.bat
>> logon drive = H:
>> logon home =
>> logon path =
>> domain logons = Yes
>> os level = 65
>> preferred master = Yes
>> domain master = Yes
>> wins support = Yes
>> passdb backend = ldapsam:ldap://fedorac4.localdomain
>> #passdb backend = ldap:ldap://fedorac4.localdomain
>> # passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://slave.idealx.com"
>> ldap filter = (&(objectclass=sambaSamAccount)(uid=%u))
>> ldap admin dn = cn=Directory Manager
>> ldap suffix = dc=localdomain
>> ldap group suffix = ou=Groups
>> ldap user suffix = ou=People
>> ldap machine suffix = ou=Computers
>> ldap idmap suffix = ou=Users
>> #ldap ssl = start tls
>> add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u"
>> ldap delete dn = Yes
>> #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u"
>> add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u"
>> add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g"
>> #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g"
>> add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g"
>> delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
>> set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u"
>>
>>
>>samba logs is empty
>>Leon
>>
>>
>>
>>
>>--
>>Fedora-directory-users mailing list
>>Fedora-directory-users at redhat.com
>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>>
>
>Not sure at this point, looks like you are using idealx scripts for some
>of the administration maybe they created the admin account?
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
>
the entry "Administrator.... " has been created with the ldif2ldap
method, as shown in the how-to.
the problem, in my opinion, is that if i use "smbldap-usershow
Administrator" i get the right entry:
_____________________________
[root at fedorac4 ~]# /opt/IDEALX/sbin/smbldap-usershow Administrator
dn: uid=Administrator,ou=People,dc=localdomain
uid: Administrator
cn: Samba Admin
givenName: Samba
sn: Admin
mail: Administrator at localdomain
objectClass: person,organizationalPerson,inetOrgPerson,posixAccount,top
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: Samba Admin
userPassword: {SSHA}2b/re4djmAJmmNCWnJmKcJLGlCRqdGdU
_____________________________
if i use "ldapsearch -x -Z '(uid=Administrator)' i get the right entry,
i suppose the same entry found with the other command:
____________________
[root at fedorac4 ~]# ldapsearch -x -Z '(uid=Administrator)'
ldap_start_tls: Protocol error (2)
additional info: unsupported extended operation
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (uid=Administrator)
# requesting: ALL
#
# Administrator, People, localdomain
dn: uid=Administrator,ou=People,dc=localdomain
uid: Administrator
cn: Samba Admin
givenName: Samba
sn: Admin
mail: Administrator at localdomain
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: Samba Admin
# search result
search: 3
result: 0 Success
# numResponses: 2
# numEntries: 1
[root at fedorac4 ~]#
_________________________________________-
i suppose the two command give me the same entry because sghould be
querying the same database......
if i use pdbedit -u Administrator
i get
_________________
[root at fedorac4 ~]# pdbedit -u Administrator
Username not found!
[root at fedorac4 ~]#
_________________
so if only samba related commands seem not to work properly perhaps the
problem is in samba configuration,
but in the guides downloaded from the website i didn't found how to
configure the part of the file for what concern the scripts of entries
managemant such as adding users, machine, etc......
what should i do now?
bye leon
More information about the 389-users
mailing list