On Thu, Aug 21, 2014 at 09:13:19PM +0200, Petter Reinholdtsen wrote: > > in-target: cfengine:tjener:du-install: info: Fetching SMB domain SID. > in-target: cfengine:tjener:du-install: fetch_ldap_pw: neither ldap secret retrieved! > in-target: cfengine:tjener:du-install: pdb_init_ldapsam_common: Failed to retrieve LDAP password from secrets.tdb > in-target: cfengine:tjener:du-install: pdb backend ldapsam:"ldap://ldap.intern"; did not correctly init (error was NT_STATUS_NO_MEMORY) > in-target: cfengine:tjener:du-install: WARNING: Could not open passdb > in-target: cfengine:tjener:du-install: Setting stored password for "cn=smbadmin,ou=samba,dc=skole,dc=skolelinux,dc=no" in secrets.tdb > in-target: cfengine:tjener:du-install: error: unable to fetch Samba SID > > I have no idea why it fail. Please help out if you know how Samba work > in Jessie. Not quite sure, but I guess that the failure is due to Samba (v. 4.1.11) now running as Active Directory Domain Controller by default. Seems to be that additional statements must be contained in smb-debian-edu.conf to tell Samba to work as NT4-style PDC like before in wheezy: # configure as NT4-style PDC server role = classic primary domain controller acl allow execute always = true I'm wondering, if it wouldn't be good to set up Samba as AD DC, but for the moment I've tested the forced NT4-style role and was able to add a Samba account for the first user using smbpasswd -a <first user>. The modified account showed up in the ldap tree and smbclient -L tjener now lists the homedir share. Fix committed to git. Wolfgang
Attachment:
signature.asc
Description: Digital signature