[Bug 515991] New: add_machine.ycp script fails (samba, ldap, yast)
http://bugzilla.novell.com/show_bug.cgi?id=515991 Summary: add_machine.ycp script fails (samba, ldap, yast) Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86-64 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: P.rehme@physik.uni-stuttgart.de QAContact: jsrain@novell.com Found By: Community User Scenario: samba configured as PDC, ldap backend, add_machine.ycp %m$ used as add machine script. Behaviour: Joining the domain fails (Linux(same machine) and Windows XP). It fails to create the machine account on the fly in ldap. The reason seams to be the lower case letters of the attributes "loginShell", "userPassword" and "homeDirectory" passed via the data_map structure to the YaPI::USERS:UserAdd fuction. Further on, by using upper case letters, the machine account is created, but the samba information (especially the SID) is missing. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 Paul Rehme <P.rehme@physik.uni-stuttgart.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 Marcus Meissner <meissner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |locilka@novell.com |ovo.novell.com | -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User locilka@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c1 Lukas Ocilka <locilka@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|locilka@novell.com |jsuchome@novell.com --- Comment #1 from Lukas Ocilka <locilka@novell.com> 2009-06-24 07:33:30 MDT --- Nothing has been changed for quite a long time in add_machine script, handing over to YaPI maintainer. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User jsuchome@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c2 --- Comment #2 from Jiří Suchomel <jsuchome@novell.com> 2009-06-24 07:41:09 MDT --- (In reply to comment #0)
The reason seams to be the lower case letters of the attributes "loginShell", "userPassword" and "homeDirectory" passed via the data_map structure to the YaPI::USERS:UserAdd fuction.
Oops, that's true.
Further on, by using upper case letters, the machine account is created, but the samba information (especially the SID) is missing.
Looking into add_machine.ycp, I can see that the Samba plugin is not used while creating new user, and this plugin should care of samba info. I'll attach a patch tat you can test. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User jsuchome@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c3 --- Comment #3 from Jiří Suchomel <jsuchome@novell.com> 2009-06-24 07:41:47 MDT --- Created an attachment (id=300063) --> (http://bugzilla.novell.com/attachment.cgi?id=300063) patch for add_machine.ycp -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User jsuchome@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c4 Jiří Suchomel <jsuchome@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |P.rehme@physik.uni-stuttgar | |t.de --- Comment #4 from Jiří Suchomel <jsuchome@novell.com> 2009-06-24 07:42:34 MDT --- Please test if it works with added plugin... -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User P.rehme@physik.uni-stuttgart.de added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c5 Paul Rehme <P.rehme@physik.uni-stuttgart.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|P.rehme@physik.uni-stuttgar | |t.de | --- Comment #5 from Paul Rehme <P.rehme@physik.uni-stuttgart.de> 2009-06-24 07:55:33 MDT --- Still no success. adding a machine to ldap via add_machine <machine-name>$ works. Joining afterwards to the domain works. BUT: Just joining the domain from linux/windows doesn't work. It says, that the machine account could not be created. Also there is no ldap entry afterwards. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User jsuchome@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c6 Jiří Suchomel <jsuchome@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |P.rehme@physik.uni-stuttgar | |t.de --- Comment #6 from Jiří Suchomel <jsuchome@novell.com> 2009-06-25 07:04:35 MDT --- Well, I don't know how this works, but when should be the add_machine script called? Is it called when joining the domain? What says that "machine account could not be created"? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User jsuchome@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c7 --- Comment #7 from Jiří Suchomel <jsuchome@novell.com> 2009-09-03 02:52:54 MDT --- Ping... any news? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User jsuchome@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c8 --- Comment #8 from Jiří Suchomel <jsuchome@novell.com> 2009-09-16 03:40:19 MDT --- Paul, could you please add logs from add_machine call? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User P.rehme@physik.uni-stuttgart.de added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c9 --- Comment #9 from Paul Rehme <P.rehme@physik.uni-stuttgart.de> 2009-09-17 09:59:34 MDT --- Hi, net join DOMAIN fails when executed once. If one execute the command a second time you have success. After the 1st try a ldap entry is created. /var/log/messages says: 1st try: Sep 17 17:57:27 haraldtest2 smbd[1592]: [2009/09/17 17:57:27, 0] rpc_server/srv_netlog_nt.c:get_md4pw(306) Sep 17 17:57:27 haraldtest2 smbd[1592]: get_md4pw: Workstation HARALDTEST2$: no account in domain Sep 17 17:57:27 haraldtest2 smbd[1592]: [2009/09/17 17:57:27, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(502) Sep 17 17:57:27 haraldtest2 smbd[1592]: _netr_ServerAuthenticate2: failed to get machine password for account HARALDTEST2$: NT_STATUS_ACCESS_DENIED Sep 17 17:57:27 haraldtest2 smbd[1592]: [2009/09/17 17:57:27, 0] rpc_server/srv_netlog_nt.c:get_md4pw(306) Sep 17 17:57:27 haraldtest2 smbd[1592]: get_md4pw: Workstation HARALDTEST2$: no account in domain Sep 17 17:57:27 haraldtest2 smbd[1592]: [2009/09/17 17:57:27, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(502) Sep 17 17:57:27 haraldtest2 smbd[1592]: _netr_ServerAuthenticate2: failed to get machine password for account HARALDTEST2$: NT_STATUS_ACCESS_DENIED 2nd try: Sep 17 17:58:17 haraldtest2 smbd[1691]: [2009/09/17 17:58:17, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) Sep 17 17:58:17 haraldtest2 smbd[1691]: pdb_get_group_sid: Failed to find Unix account for haraldtest2$ Sep 17 17:58:17 haraldtest2 smbd[1691]: [2009/09/17 17:58:17, 0] rpc_server/srv_netlog_nt.c:get_md4pw(322) Sep 17 17:58:17 haraldtest2 smbd[1691]: get_md4pw: Workstation HARALDTEST2$: account is not a trust account Sep 17 17:58:17 haraldtest2 smbd[1691]: [2009/09/17 17:58:17, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(502) Sep 17 17:58:17 haraldtest2 smbd[1691]: _netr_ServerAuthenticate2: failed to get machine password for account HARALDTEST2$: NT_STATUS_NO_TRUST_SAM_ACCOUNT Sep 17 17:58:17 haraldtest2 smbd[1691]: [2009/09/17 17:58:17, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) Sep 17 17:58:17 haraldtest2 smbd[1691]: pdb_get_group_sid: Failed to find Unix account for haraldtest2$ Sep 17 17:58:17 haraldtest2 smbd[1691]: [2009/09/17 17:58:17, 0] rpc_server/srv_netlog_nt.c:get_md4pw(322) Sep 17 17:58:17 haraldtest2 smbd[1691]: get_md4pw: Workstation HARALDTEST2$: account is not a trust account Sep 17 17:58:17 haraldtest2 smbd[1691]: [2009/09/17 17:58:17, 0] rpc_server/srv_netlog_nt.c:_netr_ServerAuthenticate2(502) Sep 17 17:58:17 haraldtest2 smbd[1691]: _netr_ServerAuthenticate2: failed to get machine password for account HARALDTEST2$: NT_STATUS_NO_TRUST_SAM_ACCOUNT Sep 17 17:58:20 haraldtest2 smbd[1692]: [2009/09/17 17:58:20, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) Sep 17 17:58:20 haraldtest2 smbd[1692]: pdb_get_group_sid: Failed to find Unix account for haraldtest2$ Sep 17 17:58:20 haraldtest2 smbd[1692]: [2009/09/17 17:58:20, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) Sep 17 17:58:20 haraldtest2 smbd[1692]: pdb_get_group_sid: Failed to find Unix account for haraldtest2$ Sep 17 17:58:20 haraldtest2 smbd[1692]: [2009/09/17 17:58:20, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) Sep 17 17:58:20 haraldtest2 smbd[1692]: pdb_get_group_sid: Failed to find Unix account for haraldtest2$ Sep 17 17:58:20 haraldtest2 smbd[1692]: [2009/09/17 17:58:20, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) Sep 17 17:58:20 haraldtest2 smbd[1692]: pdb_get_group_sid: Failed to find Unix account for haraldtest2$ Sep 17 17:58:20 haraldtest2 smbd[1692]: [2009/09/17 17:58:20, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) Sep 17 17:58:20 haraldtest2 smbd[1692]: pdb_get_group_sid: Failed to find Unix account for haraldtest2$ Sep 17 17:58:21 haraldtest2 smbd[1694]: [2009/09/17 17:58:21, 0] passdb/pdb_get_set.c:pdb_get_group_sid(210) Sep 17 17:58:21 haraldtest2 smbd[1694]: pdb_get_group_sid: Failed to find Unix account for haraldtest2$ -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User jsuchome@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c10 --- Comment #10 from Jiří Suchomel <jsuchome@novell.com> 2009-09-18 00:38:59 MDT --- Well, now I don't know if we are still in original situation. I assume you have add_machine.ycp patched. Now, do you call this script and it reports the problems? Than please add YaST log files. Or do you try to join manually after add_machine.ycp? Or are you joining from ysat2-samba-client module? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User P.rehme@physik.uni-stuttgart.de added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c11 --- Comment #11 from Paul Rehme <P.rehme@physik.uni-stuttgart.de> 2009-09-18 02:53:28 MDT --- The add_machine.ycp is pathced. Creating a machine account via "yast [..]/add_machine.ycp COMPUTER$" works fine. But if you want to join the domain via "net join DOMAINNAME" the first try fails (if the computer has no LDAP entry). After the first try the computer has a LDAP entry. If you then try to join the domain a second time via "net join DOMAINNAME" the comuper joins the domain succsessfully. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User boyang@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c13 --- Comment #13 from Yang Bo <boyang@novell.com> 2009-09-21 03:58:14 MDT --- @jmcd: Do you have some idea about this? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User boyang@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c14 Yang Bo <boyang@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Info Provider|samba-maintainers@SuSE.de |P.rehme@physik.uni-stuttgar | |t.de --- Comment #14 from Yang Bo <boyang@novell.com> 2009-09-26 21:12:26 MDT --- @Paul: what machine did you invoke the command "net join DOMAINNAME" from? The domain controller itself? Could you please provide log files on the domain controller according to description at http://en.opensuse.org/Bugs/Samba? Make sure you stop samba and delete all log files of samba before you perform the test and provide logs. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User jsuchome@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c15 Jiří Suchomel <jsuchome@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |danielstefanmader@web.de --- Comment #15 from Jiří Suchomel <jsuchome@novell.com> 2009-10-23 03:31:49 MDT --- *** Bug 549177 has been marked as a duplicate of this bug. *** http://bugzilla.novell.com/show_bug.cgi?id=549177 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User danielstefanmader@web.de added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c16 --- Comment #16 from Daniel Mader <danielstefanmader@web.de> 2009-10-23 05:13:48 MDT --- If I understand correctly, the joining of the domain always fails now on the first try during which the machine account is created. It doesn't matter if it's a Windows box (graphical dialog) or a Linux client (net join DOMAINNAME). The add_machine.ycp script works OK now after the patching, i.e. it properly creates an LDAP entry, no matter if invoked manually (yast (..)/add_machine.ycp machinename$) or triggered by Samba. I suspect this to be a Samba issue but I have no proof at all. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User danielstefanmader@web.de added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c17 --- Comment #17 from Daniel Mader <danielstefanmader@web.de> 2009-10-24 09:35:03 MDT --- Created an attachment (id=324000) --> (http://bugzilla.novell.com/attachment.cgi?id=324000) compressed archive of /var/log/samba directory I have stopped smbd and nmbd, cleaned the samba logs, set the log level to 10, and restarted the services. Prior to that I have removed a Windows XP system from the domain which runs as a virtual machine in a private subnet. I could reproduce the issue (as always). The relevant logs are starting around 2009/10/24 17:17:00: At the first try, only the the machine account is created, and a second try is necessary in order to join the system fully. (Prior to that, I had different problems: *after* the domain admin login prompt from the graphical dialog (and thus a successful query for the domain master), it repeatedly failed with the following error: "The specified domain either does not exist or could not be contacted". After several retries, it worked without actually changing anything. I am unsure if this is a Samba bug, a misconfiguration issue, or due to a flaky/unstable network. Helpful comments are deeply appreciated.) Just for completness: the samba server and the LDAP backend are on the same server, and both a public and a private subnet are defined (we are running out of IPs :) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User danielstefanmader@web.de added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c18 --- Comment #18 from Daniel Mader <danielstefanmader@web.de> 2009-10-24 09:50:09 MDT --- Created an attachment (id=324001) --> (http://bugzilla.novell.com/attachment.cgi?id=324001) /var/log/messages starting with a full services restart -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 Daniel Mader <danielstefanmader@web.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|P.rehme@physik.uni-stuttgar | |t.de | -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User jmcdonough@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c20 James McDonough <jmcdonough@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO Info Provider| |danielstefanmader@web.de --- Comment #20 from James McDonough <jmcdonough@novell.com> 2009-10-29 09:03:40 MDT --- Can you try doing this with nscd turned off? I'm wondering if we have an issue there. The behavior of a second try working is usually a symptom of the old behavior before we flushed the nscd cache. In this case, we're trying to flush it, and despite the error message, it's claiming to work. THe error message itself is a bug, as it's examining the return code incorrectly (zero means success), but it doesn't cause a functional problem, only an incorrect log message. Can you even do this outside of samba at a shell? Just issue the add_machine.ycp command to add the machine, and immediately do a "getent passwd machinename$" (be sure to have the $) and see if it returns a passwd entry. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 James McDonough <jmcdonough@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jmcdonough@novell.com AssignedTo|samba-maintainers@SuSE.de |jmcdonough@novell.com -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=515991 User danielstefanmader@web.de added comment http://bugzilla.novell.com/show_bug.cgi?id=515991#c21 Daniel Mader <danielstefanmader@web.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|danielstefanmader@web.de | --- Comment #21 from Daniel Mader <danielstefanmader@web.de> 2009-11-09 03:54:55 MST --- Sorry for the delay. Stopping nscd does not change the behavior of the domain joining from a windows machine. Concerning the script: As I mentioned in the duplicate report, the add_machine.ycp script basically works: rioja:~ # /sbin/yast /usr/share/YaST2/data/add_machine.ycp lalalala$ [1]+ Done yast2 rioja:~ # getent passwd lalalala$ lalalala$:*:10125:100:lalalala$:/var/lib/nobody:/bin/false Since this affects our SLES11 production machine (with a paid license) I'm afraid I cannot continue with further testing, and I hope this bug gets more attention in the future :) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=515991 https://bugzilla.novell.com/show_bug.cgi?id=515991#c22 Michael Ellis <infotech@lcprivate.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |infotech@lcprivate.com.au --- Comment #22 from Michael Ellis <infotech@lcprivate.com.au> 2010-08-21 11:29:53 UTC --- (In reply to comment #3)
Created an attachment (id=300063) --> (http://bugzilla.novell.com/attachment.cgi?id=300063) [details] patch for add_machine.ycp
Thank you so much. I have just updated my Suse Linux Enterprise Server x86_64 from version 10 SP3 to version 11 SP1. The add_machine script had the wrong case and was missing the samba plugin as indicated in your patch. I applied the changes and it fixed my problem. Again, thank you. Note that before the patch, the add_machine script fails silently. It did not create the LDAP entry at all. btw, for amateurs like myself, is there any chance you could provide the patch command. I made the changes manually this time. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=515991 https://bugzilla.novell.com/show_bug.cgi?id=515991#c23 Joschi Brauchle <joschibrauchle@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |joschibrauchle@gmx.de --- Comment #23 from Joschi Brauchle <joschibrauchle@gmx.de> 2011-07-26 09:18:52 UTC --- BTW: As mentioned by Michael, the problems with add_machine.ycp persist with SLES11SP1! Once the script is patched, joining a domain from a Windows machine fails the FIRST time, but succeeds the SECOND time! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=515991 https://bugzilla.novell.com/show_bug.cgi?id=515991#c24 Joschi Brauchle <joschibrauchle@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|Normal |Major --- Comment #24 from Joschi Brauchle <joschibrauchle@gmx.de> 2011-07-26 14:32:36 UTC --- Ok, I **think** we found the problem when joining the domain: First try: - Samba does an LDAP search in "ou=computers" for the computer, but doesnt find it - Samba runs the "add_machine.ycp" script to create the machine account in "ou=computers", this succeeds - Samba then seems to query NSS to find the newly created computer account. This FAILS, because in our setup the computers are stored in the ldap in "ou=computers", but the users are stored in "ou=users" and NSS is configured using the "nss_base_passwd ou=users" line in /etc/ldap.conf. - Samba returns an error and the join fails! Second try: - Samba does an LDAP search in "ou=computers" for the computer, and SUCCEEDS! - Samba continues with the process and the join succeeds! We are still checking the logs. I will upload them as soon as we are sure that this is the problem! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com