Hi Alejandro,I have looked at automagic Samba machine creation in Debian Edu squeeze more closely and I have compared two different methods: using smbldap-tools or using Samba itself with samba options ldapsam:trusted = yes and ldapsam:editposix=yes (in combination with windbind for id allocation).
I currently have ldapsam:trusted/ldapsam:editposix working, but GOsa complains about the objects being created when editing the objects (it moans when clicking on the [ Save ] button after editing):
# TEST-VM-WINXP$, winstations, systems, Computers, skole.skolelinux.no dn: uid=TEST-VM-WINXP$,ou=winstations,ou=systems,ou=Computers,dc=skole,dc=skol elinux,dc=no uid: TEST-VM-WINXP$ sambaSID: S-1-5-21-4199393816-2655555220-888217501-1016 sambaAcctFlags: [W ] cn: TEST-VM-WINXP$ uidNumber: 20019 gidNumber: 513 homeDirectory: /home/SCHULE/SMB_workstations_home loginShell: /bin/false sambaPwdLastSet: 1314220476 ipHostNumber: 10.0.2.86 macAddress: 52:54:00:3c:d8:bd objectClass: account objectClass: gotoWorkstation objectClass: ieee802Device objectClass: ipHost objectClass: posixAccount objectClass: sambaSamAccountI have other machine account objects that I migrated from an old ARKTUR server, these look like this:
# CR1-01$, winstations, systems, CR01, Computers, skole.skolelinux.no dn: uid=CR1-01$,ou=winstations,ou=systems,ou=CR01,ou=Computers,dc=skole,dc=sko lelinux,dc=no macAddress: aa:bb:cc:dd:ee:ff ipHostNumber: 10.0.2.65 uidNumber: 11016 gidNumber: 10006 homeDirectory: /dev/null gecos: Windows-Maschinen-Account sn: Windows-Maschine loginShell: /bin/false sambaSID: S-1-5-21-4199393816-2655555220-888217501-23032 sambaPrimaryGroupSID: S-1-5-21-4199393816-2655555220-888217501-10006 displayName: Windows-Maschinenaccount cr1-01 sambaPwdMustChange: 2147483647 sambaAcctFlags: [W ] sambaPwdCanChange: 1112274625 sambaPwdLastSet: 1112274625 description: (ungenutzt) objectClass: top objectClass: inetOrgPerson objectClass: ieee802Device objectClass: ipHost objectClass: posixAccount objectClass: sambaSamAccount objectClass: gotoWorkstation objectClass: person objectClass: organizationalPerson objectClass: gosaAccount objectClass: shadowAccount uid: CR1-01$ cn: CR1-01$These object work fine, but it is not an option to post-edit all machine accounts with ldapvi after they have been added by Samba.
Question (a): Is any of the LDAP objects above correct? Or do they miss anythin??? Question (b): Could you send an optimal Samba machine account object? Question (c):Do you have any idea for a generic way of adapting GOsa and/or Samba (ldapsam:editposix) in a way that both like each other???
THANKS!!! Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
Attachment:
pgpd_pZkZvfdn.pgp
Description: Digitale PGP-Unterschrift