[Samba] uncovering groupmap problems

Stéphane Purnelle stephane.purnelle at tiscali.be
Mon Dec 22 17:09:40 GMT 2003 

Craig White a écrit :

>On Mon, 2003-12-22 at 09:24, Stéphane Purnelle wrote:
>  
>
>>Craig White a écrit :
>>
>>    
>>
>>>On Mon, 2003-12-22 at 09:12, Stéphane Purnelle wrote:
>>> 
>>>
>>>      
>>>
>>>>>On Mon, 2003-12-22 at 07:46, Stéphane Purnelle wrote:
>>>>>
>>>>>
>>>>>     
>>>>>
>>>>>          
>>>>>
>>>>>>dn: cn=Domain Users,ou=Groups,o=Mullen,c=US
>>>>>>objectClass: posixGroup
>>>>>>objectClass: sambaGroupMapping
>>>>>>gidNumber: 513
>>>>>>cn: Domain Users
>>>>>>description: Netbios Domain Users
>>>>>>sambaSID: S-1-5-21-3186189368-1246494298-1334198317-513
>>>>>>sambaGroupType: 2
>>>>>>displayName: Domain Users
>>>>>>
>>>>>>dn: cn=root,ou=Group,o=Mullen,c=US
>>>>>>objectClass: posixGroup
>>>>>>objectClass: top
>>>>>>cn: root
>>>>>>gidNumber: 0
>>>>>>
>>>>>>I see in this desciption that root is in sub-tree ou=Group and Domain Users is in sub-tree ou=Groups, it's normal or not ?
>>>>>>  
>>>>>>
>>>>>>       
>>>>>>
>>>>>>            
>>>>>>
>>>>>----
>>>>>Yes, that is how I thought it was supposed to work.
>>>>>
>>>>>Thus all of the group info migrated from /etc/group went into ou=Group
>>>>>
>>>>>and all of the group info migrated from smbldap-populate.pl and
>>>>>hence-forth via LDAP assignments went into ou=Groups
>>>>>
>>>>>No?
>>>>>     
>>>>>
>>>>>          
>>>>>
>>>And in your smb.conf what group suffix have you specified ?
>>>---
>>>moved top post to bottom for continuity...
>>>
>>>       ldap group suffix = ou=Groups
>>>       ldap user suffix = ou=People
>>>       ldap machine suffix = ou=Computers
>>>
>>>Craig
>>>
>>>
>>> 
>>>
>>>      
>>>
>>Ok, I think that is the problem, samba try to modfiy group "root" and 
>>cannot midify because is in ou=group.
>>Samba search in ou = groups
>>Can you try your command after moved
>>
>>dn: cn=root,ou=Group,o=Mullen,c=US
>>objectClass: posixGroup
>>objectClass: top
>>cn: root
>>gidNumber: 0
>>
>>TO
>>
>>dn: cn=root,ou=Groups,o=Mullen,c=US
>>objectClass: posixGroup
>>objectClass: top
>>cn: root
>>gidNumber: 0
>>    
>>
>---
>added new record cn=root,ou=Groups,o=Mullen,c=US (left the other in
>Group)
>
>close but still didn't work
>
># net groupmap modify ntgroup="Domain Users" unixgroup=root
>net: ../../../libraries/liblber/decode.c:500: ber_scanf: Assertion
>`((ber)->ber_opts.lbo_valid==0x2)' failed.
>Aborted
>[root at linserv2 migration]# net groupmap modify
>sid=S-1-5-21-3186189368-1246494298-1334198317-512 ntgroup="Domain Users"
>unixgroup=root type=domain
>net: ../../../libraries/liblber/decode.c:500: ber_scanf: Assertion
>`((ber)->ber_opts.lbo_valid==0x2)' failed.
>
>Craig
>
>
>  
>
Why you use net groupmap modify, if the first groupmapping of root 
group, I must use
$ net groupmap add sid=S-1-5-21-3186189368-1246494298-1334198317-512 
ntgroup="Domain Users" unixgroup=root type=domain

If it don't work, I think you can put a bug in bugzilla.

More information about the samba mailing list