LinuxQuestions.org - smbpasswd -a root (openLDAP)

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - smbpasswd -a root (openLDAP) (https://www.linuxquestions.org/questions/linux-networking-3/smbpasswd-a-root-openldap-345678/)

smbpasswd -a root (openLDAP)

i'm trying to add my root user via smbpasswd with my openLDAP backend and this is what happens

[root@fedora /]# smbpasswd -a root
failed to add domain dn= sambaDomainName=DOMAIN,ou=users,dc=fedora,dc=directory,dc=server with: Invalid DN syntax
invalid DN
Adding domain info for DOMAIN failed with NT_STATUS_UNSUCCESSFUL
New SMB password:
Retype new SMB password:
ldapsam_modify_entry: Failed to add user dn= uid=root,ou=users,dc=fedora,dc=directory,dc=server with: Undefined attribute type
sambaSID: attribute type undefined
ldapsam_add_sam_account: failed to modify/add user with uid = root (dn = uid=root,ou=users,dc=fedora,dc=directory,dc=server)
Failed to add entry for user root.
Failed to modify password entry for user root

and i don't know where all that is comeing from to fix it up ...

Are you using the right directory schema? sambaAccount is the default for samba. Also, have you used smbpasswd -w to set the root passwd for your directory server yet? It would help if you posted your etc/samba/smb.conf file.
You may want to tail -f your slapd log and see what comes up when you try to add the root user. It usually prints a fairly descriptive error message.

yes, i have set the smbpasswd -W password

i'm also fairly new the LDAP so i'm not sure what you mean by right schema?

and what is the tail -f ??

here is my smb.conf file

[global]

#LDAP

ldap admin dn = "cn=Directory Manager,dc=school,dc=cathedral,dc=qld,dc=edu,dc=au"
ldap server = school.cathedral.qld.edu.au
ldap ssl = start_tls
ldap port = 389
ldap suffix = "ou=users,dc=school,dc=cathedral,dc=qld,dc=edu,dc=au"
ldap filter ="(&(uid=%U)(objectclass=sambaAccount))"

workgroup = fedora
netbios name = fedora
comment = Linux RedHat Samba Server
security = user
null passwords = Yes
encrypt passwords = yes

logon drive = U:
logon path = \\%N\profiles\%g

domain master = yes
domain logons = yes
preferred master = yes
os level = 255

# we have other wins server (samba, of course)
#wins support = yes
wins support = no
wins proxy = no
wins server = 159.237.12.25

log file = /usr/local/etc2/samba_2_2/logs
public = No
browseable = No
writable = No

[netlogon]
path = /usr/local/etc2/samba_2_2/netlogon
locking = no
read only = yes
write list = ntadmin

; share for storing user profiles
[profiles]
path = /usr/local/etc2/samba2_2/profiles
read only = no
writeable = yes
create mask = 0600
directory mask = 0700

by right schema i mean have you included samba.schema in your slapd.conf file. This schema defines object attributes and is necessary for smb-ldap.

tail -f will show you the end of a log file in real time as it is being updated. use it on your slapd log and you will almost certainly get some useful information.

tail -f /var/log/slapd.log

If that's not where your slapd log is, check slapd.conf for the path. you may want to add the line "loglevel 512" to your slapd.conf to make your logs more verbose.

Your smb.conf looks fine, but your smbpasswd is using the wrong dn. it dosen't match your directory. Try restarting samba to reload the smb.conf file. If that doesn't work, I don't know. Maybe you accidentally installed samba twice?

SHORTCUT: If you're willing to switch from slackware to fedora core, i know of a script that will completely set up samba with an LDAP backend, create a root account for samba, and give you a working domain in about 5 minutes. It will only run correctly on Fedora Core 3, but it runs great. check out http://majen.net/smbldap/ to get the tarball with the script and all the required rpms. You will probably find this much easier than setting up samba yourself. Just a thought.