Hi
when trying to add a new user (dgurney) through server-manager onto a SME9.1 server (quite a few updates are not installed yet), we see the following in the logs:
Group dgurney successfully added!
User dgurney successfully added!
User dgurney successfully modified!
Failed to add entry for user dgurney.
Could not lock (smb) password for dgurney
S04user-create-unix=action|Event|user-create|Action|S04user-create-unix|Start|1469480349 819129|End|1469480351 649149|Elapsed|1.83002|Status|65280
This server has been changed some weeks ago to be:
db configuration setprop ldap Authentication enabled (more accidentally at that time when my colleagues were trying to allow ldap access from a third part application (ownCloud) running in another VM).
As I understand, such a change is irreversible and ldap should now be the backend for all authentication. There should be NO (?) entries any longer in /etc/passwd and /etc/group after that change (?) - but there is still contents in both files.
If the switch to ldap would have been completed properly at that time, I suspect we should not (?) see any longer the above "S04user-create-unix" event either.
Having doubts about the status of the ldap server, on the other hand, Samba now seems to rely on ldap auth as below from /etc/samba/smb.conf:
passdb backend = ldapsam:ldap://localhost
ldap admin dn = cn=root,dc=xxxxxxx,dc=co,dc=nz
ldap suffix = dc=xxxxx,dc=co,dc=nz
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap delete dn = no
ldap passwd sync = yes
ldap ssl = off
Windows domain logons are enabled, also Windows user roaming profiles and for all existing users and machine accounts, that is all working. I am scared of breaking this. Not sure what to do. Would appreciate help.