Prev: [Samba] Samba & LDAP: "Unable to allocate a new user id: bailing out!"
Next: Samba as fileserver in an Windows AD Domain
From: Christian Geiger on 29 Oct 2009 03:50 Great - that was the reason. In case someone else encounters the same problem - adding the following lines helped: idmap backend = ldap idmap alloc backend = ldap idmap alloc config:ldap_base_dn = ou=idmaps,dc=lohrmann,dc=de idmap alloc config:ldap_user_dn = cn=samba,dc=lohrmann,dc=de idmap alloc config:ldap_url = ldap://ldap.lohrmann.de Thx François! Am 28.10.2009 17:23, schrieb François Legal: > You have to define an allocation backend for idmapping, so that winbindd > can allocate uids and gids for the users and groups that you want to > create. > > On Wed, 28 Oct 2009 16:32:35 +0100, Christian Geiger > <c.geiger(a)lohrmann.de> > wrote: >> Hi! >> >> I'm currently setting up a Samba 3 PDC. So far I managed to setup Samba >> with an OpenLDAP backend, but adding a user with the command "net rpc >> user add mg password -U root" results in the following error: >> >> Failed to add user 'mg' with: WERR_GENERAL_FAILURE. >> >> In the logfile it says: >> >> [2009/10/28 15:56:28, 0] passdb/pdb_ldap.c:ldapsam_create_user(5119) >> ldapsam_create_user: Unable to allocate a new user id: bailing out! >> >> Unfortunately I cannot find any other hint on what the reason could be. >> Has someone an idea what I might have misconfigured? >> >> Below's my smb.conf. The samba-user has granted the rights to manage the > >> whole domain-tree (olcAccess = {0}to dn.sub="dc=lohrmann,dc=de" by >> dn="cn=samba,dc=lohrmann,dc=de" manage by * break). >> >> Thx a lot in advance! >> >> Chris >> >> -------- >> >> smb.conf: >> >> [global] >> >> workgroup = LOHRMANN.DE >> domain logons = yes >> domain master = yes >> local master = yes >> preferred master = yes >> os level = 65 >> >> passdb backend = ldapsam >> ldap admin dn = cn=samba,dc=lohrmann,dc=de >> ldap suffix = dc=lohrmann,dc=de >> ldap passwd sync = yes >> ldap machine suffix = ou=machines >> ldap user suffix = ou=users >> ldap group suffix = ou=groups >> ldap idmap suffix = ou=idmaps >> ldap ssl = no >> idmap uid = 10000-20000 >> idmap gid = 10000-20000 >> >> ldapsam:trusted = yes >> ldapsam:editposix = yes >> >> logon drive = H: >> logon script = logon.bat >> logon path = \\%N\profiles\%U\%a >> >> [homes] >> comment = Users Home Directories >> valid users = %S >> writeable = yes >> >> [netlogon] >> comment = Network Logon Service >> path = /var/lib/samba/netlogon >> >> [profiles] >> comment = Users profiles >> path = /var/lib/samba/profiles >> >> [printers] >> comment = All Printers >> browseable = no >> path = /var/spool/samba >> printable = yes >> guest ok = no >> read only = yes >> create mask = 0700 >> >> [print$] >> comment = Printer Drivers >> path = /var/lib/samba/printers >> browseable = yes >> read only = yes >> guest ok = no > > __________ Hinweis von ESET NOD32 Antivirus, Signaturdatenbank-Version 4553 (20091028) __________ > > E-Mail wurde gepr�ft mit ESET NOD32 Antivirus. > > http://www.eset.com > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |