Re: problem with creating a machine account (sarge)
bernd wrote:
Hello,
my tests with dabian-edu-sarge are in the second week and now i have a
problem
i created my own ip net (192.168.0.0)
> i have removed everything whats pointed to 10.0.2.0
you have a main server only, and you changed it to use 192.168.0.0 as
backbone ?
That should not be a big problem if you did things correctly
it works fine
after some problems wlus is working --- i had used smbpasswd -w but this
damaged my system -----
now this is running fine -- i have removed the db files and with the
debian-edu installation of ldap i have made them working again--
Ok, so you now got a working wlus again ?
And Samba is also working ?
My tests show me that wlus is working fine and i can login to the
workgroup=skolelinux from an xp workstation by username+passwd
Is this on a workstation that is not a member of the domain, or is it a
workstation that was added to the domain before fatal "smbpasswd -w "
was run ?
now, when i try to bind a machine (xp-pro) to get memeber of the domain
i get the following error
domain=skolelinux
asking about user who is allowed = root passwd=smbadminpw(it works
with wlus)
The smbadminpw should not be known to anyone. it is only used to add
some samba entities to the objects in the ldap tree. the reason for
splitting them up is that the password for the smbadmin is stored on the
server. It is scrambled, but it's rather easy to descramble.
what happens when you use "smbpasswd -w something" is that you tell
samba that the password "something" is to be used when it should add
some samba entities to an already existing object in the ldap tree.
there is another account - the samba root account - that is not the same
as the unix root account. Someone asked if we could have used another
name for this account, maybe "Administrator", like in windows, but
"root" is so much shorter to type :) This is a pure samba account, but
originally, it has no password set. this is it should be ok to give out
this password to junior admins, to let them add machines to the domain.
It is also possible to set up a group, and let this group add machines
to the samba domain.
ok - to debug your installation - this is a strict
debian-edu_sarge-based installation right ? No packages are added from
outside the debian-repository (or debian-edu) ?
then to see if the user root exist, you may use the following command
ldapserch -h ldap -x -LLL \
-b ou=People,dc=skole,dc=skolelinux,dc=no \
uid=root
(The "\" at the end, tells bash that the command continues on the next line)
You should get some output like this:
dn: uid=root,ou=People,dc=skole,dc=skolelinux,dc=no
objectClass: sambaSamAccount
objectClass: account
uid: root
sambaSID: S-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXX-1000
xp shows me, that there is no user root found
when i touch the log of the client in /var/samba/
on tjener :
Undefined subroutine &main: :read_adduser_config called at
/etc/samba/smbaddclient.pl line 20, <DATA> line 225.
the script smbaddclient.pl has no line 225 and in
ldap-users.pl in line 225 there is
#search for users in a given domain $basedn.
sub ldap_search_users ..........
Looks like we have a bug - I'm not surprised :)
Anyone who ever had this Problem ?
I read a lot of things over googling the net but now i am at the point
that i think its better to ask .
NO, this one is new to me (And I think I have seen most of them)
--
Finn-Arne Johansen, faj@bzz.no
http://bzz.no
tlf: 37254514 / 92640070
Reply to: