On Wed, Jan 09, 2008 at 03:08:59PM -0500, Gary Martin wrote:
> I am following the instructions in the Howto:Samba documentation on
> the FDS Wiki site. When I go to edit the Administrator account using
> the following command:
[snip]
> # Administrator, People, test.com
> dn: uid=Administrator,ou=People,dc=test,dc=com
> uid: Administrator
> cn: Samba Admin
> givenName: Samba
> sn: Admin
> mail: Administrator at test.com
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: top
> loginShell: /bin/bash
> uidNumber: 0
> gidNumber: 0
> homeDirectory: /root
> gecos: Samba Admin
Did you add this user with smbpasswd? AFAIK it should have the
sambaSamAccount objectclass with the various attributes that samba
creates (which is dependant upon your version of samba).
The HOWTO specifies using the command:
$ smbpasswd -a Administrator -w<ldap-admin-password>
The ldap filter samba uses (3.0.25 at least) is of the form:
(&(uid=USERNAME)(objectClass=sambaSamAccount))
So if you haven't added the user via samba (or added the attributes
manually) the filter won't match and samba won't find the user.
Cheers.
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
> Should this account have some Samba Domain info? What did I do wrong?
> Here is a copy of the sambaAdmin.ldif I used:
>
> dn: uid=Administrator,ou=People,dc=test,dc=com
> uid: Administrator
> cn: Samba Admin
> givenName: Samba
> sn: Admin
> mail: Administrator at test.com
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: top
> userPassword: {crypt}x
> loginShell: /bin/bash
> uidNumber: 0
> gidNumber: 0
> homeDirectory: /root
> gecos: Samba Admin
>
> And a copy of my smb.conf if it helps:
>
> [global]
> workgroup = DOMAIN
> security = user
> passdb backend = ldapsam:ldap://vandread.test.com
> ldap admin dn = cn=Directory Manager
> ldap suffix = dc=test,dc=com
> ldap user suffix = ou=People
> ldap machine suffix = ou=People
> ldap group suffix = ou=Groups
> log file = /var/log/samba/%m.log
> log level = 3
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> os level = 33
> domain logons = yes
> domain master = yes
> local master = yes
> preferred master = yes
> wins support = yes
> logon home = \\%L\%u\profiles
> logon path = \\%L\profiles\%u
> logon drive = H:
> template shell = /bin/false
> winbind use default domain = no
>
> winbind nested groups = no
> enable privileges = yes
>
>
> Thanks.
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Jonathan Barber
High Performance Computing Analyst
Tel. +44 (0) 1382 386389
