You are here

Samba

smbldap-tools' "Failed to add entry for user"

Not so frequently asked questions and stuff: 

Situation

smbldap-populate populated the LDAP server correctly, but I didn't seem to be able to add users.

server# smbpasswd -a testuser1
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=NETBIOSNAME))]
smbldap_open_connection: connection opened
ldap_connect_system: successful connection to the LDAP server
The LDAP server is successfully connected
New SMB password:
Retype new SMB password:
ldapsam_getsampwnam: Unable to locate user [testuser1] count=0
Warning: homedirectory /home/testuser1 already exist. Check manually
_samr_create_user: Running the command `/usr/local/sbin/smbldap-useradd -m testuser1' gave 0
Could not find user testuser1, add script did not work
Failed to add entry for user testuser1.

Here is what was added into the LDAP server:

dn: uid=testuser1,ou=people,dc=example,dc=net
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: posixAccount
objectclass: shadowAccount
objectclass: inetOrgPerson
cn: testuser1
gidnumber: 513
homedirectory: /home/testuser1
sn: testuser1
uid: testuser1
uidnumber: 1012
gecos: System User
givenname: testuser1
loginshell: /bin/sh
userpassword: {crypt}x

You can see that the NT fields (sambaSID, sambaNTPassword, etc.) are missing, i.e. that the command did not complete.

Retrying with more debugging output (-D 10) showed:

smbldap_search_ext: base => [dc=example,dc=net], filter => [(&(uid=testuser1)(objectclass=sambaSamAccount))], scope => [2]
ldapsam_getsampwnam: Unable to locate user [testuser1] count=0

This is normal;

what is not is:

Get_Pwnam_internals didn't find user [testuser1]!

What the problem was

nss_ldap was not working. Apparently, samba can not work with LDAP without it.

Maybe I'd have known this if I had read the manual.

You know that nss_ldap is working if you can see samba's group in your system:

mmnas# getent group
[...]
Domain Admins:*:512:root
Domain Users:*:513
Domain Guests:*:514
Domain Computers:*:515
Administrators:*:544
Account Operators:*:548
Print Operators:*:550
Backup Operators:*:551
Replicators:*:552

How to do a netbios name reverse lookup using samba.

Not so frequently asked questions and stuff: 

How to do a netbios name reverse lookup using samba

Use nmblookup

# nmblookup -A 10.0.9.124
Looking up status of 10.0.9.124
        ZWM-SERVER      <00> -         H <ACTIVE>
        ZWM-SERVER      <03> -         H <ACTIVE>
        ZWM-SERVER      <20> -         H <ACTIVE>
        REZID           <1e> - <GROUP> H <ACTIVE>
        REZID           <00> - <GROUP> H <ACTIVE>

        MAC Address = 00-00-00-00-00-00

If you're on debian on don't have the command, install the package named samba-common-bin:

# apt-get install samba-common-bin

Sources:

smbclient can't list shares of windows 7

Not so frequently asked questions and stuff: 

Problem:
smbclient can't list the shares of a windows 7 box, even if smbmount can without problem.

$ smbclient -L //SOMEBOX -I 192.168.xx.yy
Enter someones's password: 
Anonymous login successful
Domain=[REZID] OS=[Windows 7 Professional 7600] Server=[Windows 7 Professional 6.1]

        Sharename       Type      Comment
        ---------       ----      -------
Error returning browse list: NT_STATUS_ACCESS_DENIED
Anonymous login successful
Domain=[REZID] OS=[Windows 7 Professional 7600] Server=[Windows 7 Professional 6.1]

        Server               Comment
        ---------            -------

        Workgroup            Master
        ---------            -------

You are running a version of samba with a problem.
https://bugzilla.samba.org/show_bug.cgi?id=7577

$ smbclient --version
Version 3.3.2

Update samba to latest 3.4 or 3.5 or patch your current and enjoy.

 smbclient -L \\SOMEBOX -I 192.168.xx.yy
Enter root's password: 
Domain=[SOMEBOX] OS=[Windows 7 Professional 7600] Server=[Windows 7 Professional 6.1]

   Sharename       Type      Comment
   ---------       ----      -------
   ADMIN$          Disk      Administration à distance
 C$              Disk      Partage par défaut
    F$              Disk      Partage par défaut
    I$              Disk      Partage par défaut
    IPC$            IPC       IPC distant
   Share 1       Disk      
    Share 2         Disk      
  Share 3      Disk      
Domain=[SOMEBOX] OS=[Windows 7 Professional 7600] Server=[Windows 7 Professional 6.1]

    Server               Comment
    ---------            -------

    Workgroup            Master
 ---------            -------

Don't forget to update libsmbclient and libsmbclient-dev if you are using them.Problem:
smbclient can't list the shares of a windows 7 box, even if smbmount can without problem.

$ smbclient -L //SOMEBOX -I 192.168.xx.yy
Enter someones's password: 
Anonymous login successful
Domain=[REZID] OS=[Windows 7 Professional 7600] Server=[Windows 7 Professional 6.1]

        Sharename       Type      Comment
        ---------       ----      -------
Error returning browse list: NT_STATUS_ACCESS_DENIED
Anonymous login successful
Domain=[REZID] OS=[Windows 7 Professional 7600] Server=[Windows 7 Professional 6.1]

        Server               Comment
        ---------            -------

        Workgroup            Master
        ---------            -------

You are running a version of samba with a problem.
https://bugzilla.samba.org/show_bug.cgi?id=7577

$ smbclient --version
Version 3.3.2

Update samba to latest 3.4 or 3.5 or patch your current and enjoy.

 smbclient -L \\SOMEBOX -I 192.168.xx.yy
Enter root's password: 
Domain=[SOMEBOX] OS=[Windows 7 Professional 7600] Server=[Windows 7 Professional 6.1]

 Sharename       Type      Comment
   ---------       ----      -------
   ADMIN$          Disk      Administration à distance
 C$              Disk      Partage par défaut
    F$              Disk      Partage par défaut
    I$              Disk      Partage par défaut
    IPC$            IPC       IPC distant
   Share 1       Disk      
    Share 2         Disk      
  Share 3      Disk      
Domain=[SOMEBOX] OS=[Windows 7 Professional 7600] Server=[Windows 7 Professional 6.1]

    Server               Comment
    ---------            -------

    Workgroup            Master
 ---------            -------

Don't forget to update libsmbclient and libsmbclient-dev if you are using them.

Prevent a windows computer from becoming local master

Not so frequently asked questions and stuff: 

Edit the registry:

.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters\"MaintainServerList" => "No"

Reboot or stop the browser service:

 net stop Browser

attached files: antiwins.reg
http://zewaren.net/faq/index.php?action=attachment&id=38&file=antiwins.reg

Samba: Change of IP address isn't taken into account

Not so frequently asked questions and stuff: 

Symptom:

Doing a node status request to the domain master browser at IP [old_ip] failed

Explanation:

The following is an example of a problem we see from time to time:

"Samba was working fine. We had to change the IP address of the Samba server.
Following the change Samba does not work. We have tried EVERYTHING - it still
does not work!"

What to check:
--------------
1) Follow all instructions in DIAGNOSIS.txt from the samba docs directory.
2) Locate you browse.dat and wins.dat files. They may be found in the following
typical locations:
/usr/local/samba/var/locks
/var/locks/samba
/opt/samba/var/locks
If you can not locate where samba stores these files you can always run:
testparm | grep lock
3) Shut down samba.
4) Delete the browse.dat and wins.dat files
5) Restart samba.
6) Check that any files you deleted have been recreated.
7) Now follow DIAGNOSIS.txt again.

Cause:
------
Samba will place into these files entries for itself with your old IP
address. When you restart Samba it preloads it's name cache with this
information and expects to be able to resolve it's own address to the
same address as it has just read from these files.

Deleting the files means samba takes a little longer to stabilize on
startup but otherwise will now operate correctly.

In Samba 2.0 this problem has been fixed properly by storing signature
information in the relevant files.

Source:

* http://www.jalix.org/ressources/reseaux/nfs-samba/samba/_docs/faq.html#6

How to make libsmblient only open one connection per server

Not so frequently asked questions and stuff: 

Windows XP only accept 10 smb connections. When you parse a computer, you will only be able to open 10 shares, since samba doesn't close them at the right time.

Solution, initiate the library and modify the right parameter.

err = smbc_init(auth_fn, 1);
SMBCCTX  *hContext = smbc_set_context(NULL);

//Choose the working one between:
smbc_setOptionOneSharePerServer(hContext, 1);
//And
hContext->options.one_share_per_server = 1;
Subscribe to Samba