Re: [Samba] add machine script not running
- Date: Thu, 16 Nov 2017 08:20:03 +0100
- From: Daniel Berteaud via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] add machine script not running
Le 15/11/2017 à 19:23, Andrew Bartlett via samba a écrit :
You have 'add machine script = /usr/local/bin/addworkstation.pl "%u"'
Try removing the double quotes.
There isn't doesn't see to be anything else really wrong with your
While it is possible our parsing of the smb.conf has changed, I think
this is a red herring.
I've tried both with and without the quotes without difference
This is an upgrade issue, so we should be holding as many things
constant as possible, once we confirm things like the script has been
copied over correctly and is executing manually on the new host.
Assuming it is confirmed that the script does not execute at all, i
would just say this:
Yes, when running manually on the root shell, it executes correctly and
create the machine account I need. Once I did it, I can join the machine
to the domaine, samba will find the entry in LDAP and add the correct
sambaSamAccount objectClass and related attributes.
Where is this part mentioned in the doc ? I can see anything regarding
account creation in LDAP, except for this editposix directive.
Everything else just mention the add machine script.
Sadly the LDAP backend of the NT4/classic DC is not automatically
tested in our make test. However I can't see any specific change in
our control flow here, we should still execute that script if the new
account is created over SAMR CreateUser2 with ACB_WSTRUST.
The account will still be created in LDAP even if ldapsam:editposix =
yes is not set,
it will just not be created with posix attributes. If
that were set, we wouldn't run the script however.
That's what I understood from the doc, so I made sure editposix is not set.
As a point of debugging, is the 'add user script' script run instead?
Nop, also tried.
Now, the "funny" thing is that, it did work, something like 3 times in
over 50 tries. It's not just the config because, once it worked, I
removed the same workstation from the domain, removed the LDAP entry,
made no configuration change, not service restart and tried again,
without success. It might be related to some caching effect of sssd, I
need to dig a bit deepper.
Société de Services en Logiciels Libres
Tel : 05 56 64 15 32 <tel:0556641532>
To unsubscribe from this list go to the following URL and read the