Web lists-archives.com

Re: [Samba] ?==?utf-8?q? add machine script not running




On Thu, 2017-11-16 at 09:53 +0100, Daniel Berteaud via samba wrote:
> Le Jeudi, Novembre 16, 2017 09:35 CET, Rowland Penny <rpenny@xxxxxxxxx> a écrit: 
>  > 
> > This may have nothing to do with Samba, if you are running sssd, then
> > this will be doing the authentication. 
> 
> sssd was providing the NSS -> LDAP layer, just like nss-ldap would do
> (it also provides a pam module equivalent to pam-ldap for UNIX
> accounts)
> 
> > If you are running sssd, try turning it off and use Samba instead,
> > see
> > if this fixes your problem.
> 
> But unlike nss-ldap, sssd does provide some caching mecanism that's
> why I think it's this part which breaks something.
> 
> Switching to nss-ldap+pam-ldap instead of sssd makes everything
> working. I just don't understand why. How can this makes samba
> ignore "add machine script" and instead try to create the entry
> directly ?

This is executed when the posix account doesn't exist, so it depends on
the return value of getpwnam(), which in turn makes nss calls.

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba