Hi guys, I'm attempting to integrate FDS + the IdealX scripts to handle User, Group and Computer Management. It's all going reasonably well - I can authenticate against the Samba Domain and do most admin type tasks. I'm having an issue when attempting to add a Computer to the Domain, however. It's blowing chunks with an "Insufficient 'write' privilege" error. Log snippet below. Running "/usr/sbin/smbldap-useradd -w marisa$" from the command line works fine. I've tried adding an ACI for the admin user for "sambadomainname=bridges,dc=digitalbridges,dc=sys" but this doesn't appear to change anything. Any hints greatly appreciated! Alan [2006/08/09 11:12:57, 2] smbd/sesssetup.c:setup_new_vc_session(772) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/08/09 11:12:57, 2] smbd/sesssetup.c:setup_new_vc_session(772) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/08/09 11:12:57, 2] lib/smbldap.c:smbldap_open_connection(722) smbldap_open_connection: connection opened [2006/08/09 11:12:57, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640) init_sam_from_ldap: Entry found for user: alan.ferrier [2006/08/09 11:12:57, 2] passdb/pdb_ldap.c:init_group_from_ldap(2199) init_group_from_ldap: Entry found for group: 513 [2006/08/09 11:12:57, 2] passdb/pdb_ldap.c:init_group_from_ldap(2199) init_group_from_ldap: Entry found for group: 1002 [2006/08/09 11:12:57, 2] passdb/pdb_ldap.c:init_group_from_ldap(2199) init_group_from_ldap: Entry found for group: 1003 [2006/08/09 11:12:57, 2] passdb/pdb_ldap.c:init_group_from_ldap(2199) init_group_from_ldap: Entry found for group: 1025 [2006/08/09 11:12:57, 2] auth/auth.c:check_ntlm_password(307) check_ntlm_password: authentication for user [alan.ferrier] -> [alan.ferrier] -> [alan.ferrier] succeeded [2006/08/09 11:12:57, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670) Returning domain sid for domain BRIDGES -> S-1-5-21-683103908-991045669-825688854 [2006/08/09 11:12:57, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670) Returning domain sid for domain BRIDGES -> S-1-5-21-683103908-991045669-825688854 Error: Insufficient 'write' privilege to the 'uidNumber' attribute of entry 'sambadomainname=bridges,dc=digitalbridges,dc=sys'. [2006/08/09 11:12:58, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2415) _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w marisa$' gave 1 [2006/08/09 11:12:59, 2] smbd/server.c:exit_server(614) Closing connections -- ----------------------------- e-Commerce Systems Manager I-play 3 Pitreavie Court Pitreavie Business Park Dunfermline KY11 8UU UK Tel: +44 (0) 1383 723234 Fax: +44 (0) 1383 723235 Mob: +44 (0) 7796 148326 ============================= ________________________________________________________________________ E-mail is an informal method of communication and may be subject to data corruption, interception and unauthorised amendment for which I-play, a trading name of Digital Bridges Ltd will accept no liability. Therefore, it will normally be inappropriate to rely on information contained on e-mail without obtaining written confirmation. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. (C) 2005. I-play is a trademark and trading name of Digital Bridges Limited. All Rights Reserved. ________________________________________________________________________ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp
