Hello, I have upgrade my samba PDC from 3.xx (lenny) to 4.1 (jessie). ldap and samba shares work all fine.
When I try to add a user I get the following smbpasswd -a foobar New SMB password: Retype new SMB password: ldapsam_create_user: Unable to allocate a new user id: bailing out! Failed to add entry for user foobar. I found this workaround https://lists.samba.org/archive/samba/2009-October/151528.html but testparam say that WARNING: The "idmap backend" option is deprecated Unknown parameter encountered: "idmap alloc backend" Ignoring unknown parameter "idmap alloc backend" smbd -V Version 4.1.17-Debian egrep -v "(^#|^$|^;)" /etc/samba/smb.conf [global] workgroup = foo dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d os level = 255 preferred master = yes domain master = yes local master = yes vfs object = recycle recycle:repository = /home/samba/Papierkorb/%U recycle:keeptree = yes recycle:exclude = *.tmp *.temp *.swp recycle:exclude_dir = /tmp /temp recycle:touch = yes server role = classic primary domain controller encrypt passwords = true passdb backend = ldapsam:ldapi:/// ldapsam:trusted=yes ldapsam:editposix=yes ldap admin dn = cn=admin,dc=foo ldap group suffix = ou=Groups ldap machine suffix = ou=Machines ldap user suffix = ou=Users ldap suffix = dc=foo ldap ssl = off obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user domain logons = yes logon path = logon script = login.bat admin users = root, Administrator, @Domain Admins, admin ;idmap uid = 10000-20000 ;idmap gid = 10000-20000 ;template shell = /bin/bash idmap alloc config:ldap_base_dn = ou=idmap,dc=foo idmap alloc config:ldap_user_dn = cn=admin,dc=foo idmap alloc config:ldap_url = ldapi:/// usershare allow guests = yes [homes] comment = Home Directories browseable = no read only = yes create mask = 0700 directory mask = 0700 valid users = %S [netlogon] comment = Network Logon Service path = /home/samba/netlogon guest ok = yes read only = yes [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no I want to use a samba NT4 domain and no AD. Thanks for any help. Best Regards, Basti
