[Samba] Samba+LDAP + Primary GIDs
Kris Lou
klou at themusiclink.net
Mon Jan 25 12:18:36 MST 2010
PDC Results:
SID for local machine KIF is: S-1-5-21-1297059763-2273326489-1660943333
SID for domain MLC is: S-1-5-21-957249707-1866601452-441284377
Openfiler Results:
SID for local machine VADER is: S-1-5-21-2859034502-3981372097-2611941478
SID for domain MLC is: S-1-5-21-957249707-1866601452-441284377
As you can see, the domain SIDs match.
Also, here's the global portion of the Openfiler smb.conf and an example
share (portions edited). About this - I can obviously edit the smb.conf, but
it gets overwritten by the Openfiler gui whenever changes are made. Looking
at the file, I'm not understanding where the group security settings are
being placed. It looks like Openfiler runs with Samba 3.2.13
# Global settings
[global]
workgroup = MLC
server string = Openfiler NAS
netbios name = VADER
wins server = pdc.ip.add.ress //edited
password server = pdc.ip.add.ress //edited
realm =
; interfaces = 192.168.12.2/24 192.168.13.2/24
; remote announce = 92.168.1.255 192.168.2.44
; domain logons = yes
log file = /var/log/samba/%m.log
max log size = 0
; hosts deny = all
map to guest = Bad User
guest account = ofguest
display charset = LOCALE
unix charset = UTF-8
dos charset = CP850
ldap ssl = no
ldap admin dn =
//edited
ldap suffix =
//edited
encrypt passwords = yes
security = user
passdb backend = ldapsam:ldap://pdc.ip.add.ress //edited
ldap user suffix = ou=People
ldap group suffix = ou=Group
smb passwd file = /etc/samba/smbpasswd
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
pam password change = yes
; username map = /etc/samba/smbusers
obey pam restrictions = yes
load printers = no
domain master = no
local master = no
preferred master = no
os level = 0
[Purchasing]
comment = Purchasing Share
path = /mnt/fileshare/Purchasing/Purchasing
read only = no
writeable = yes
oplocks = yes
level2 oplocks = yes
force security mode = 0
dos filemode = yes
dos filetime resolution = yes
dos filetimes = yes
fake directory create times = yes
browseable = yes
csc policy = manual
share modes = yes
veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/
veto files = /*:Zone.Identifier:*/
create mode = 0770
directory mode = 2770
printable = no
guest ok = no
hosts allow = 23.23.23.0/24
hosts readonly allow =
store dos attributes = yes
map acl inherit = yes
vfs objects = shadow_copy
Kris Lou
klou at themusiclink.net
On Sat, Jan 23, 2010 at 3:34 PM, Rob Shinn <morgan at tuxedo.darktech.org>wrote:
> What does your 'net getdomainsid' or 'net getlocalsid' output look like?
>
>
> Kris Lou wrote:
>
> Hi Rob,
>
> Thanks for the quick reply - Here it is (mostly with some cut and paste).
>
> CentOS 5.4
> Samba 3.2.15
>
> dn: cn=Domain Admins,ou=Group,dc=themusiclink,dc=net
> description: Netbios Domain Administrators
> sambaSID: S-1-5-21-957249707-1866601452-441284377-512
> sambaGroupType: 2
> displayName: Domain Admins
> structuralObjectClass: posixGroup
> entryUUID: 1a60146c-cfad-102d-96b0-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507234700Z
> gidNumber: 512
> cn: Domain Admins
> userPassword:: e2NyeXB0fXg=
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> memberUid:
> memberUid:
> memberUid:
> entryCSN: 20091028001757Z#000001#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091028001757Z
>
> dn: cn=Domain Users,ou=Group,dc=themusiclink,dc=net
> description: Netbios Domain Users
> sambaSID: S-1-5-21-957249707-1866601452-441284377-513
> sambaGroupType: 2
> displayName: Domain Users
> structuralObjectClass: posixGroup
> entryUUID: 1a7ebb60-cfad-102d-96b1-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507234700Z
> gidNumber: 513
> cn: Domain Users
> userPassword:: e2NyeXB0fXg=
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> memberUid:
> memberUid:
> entryCSN: 20091215225639Z#000001#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091215225639Z
>
> dn: cn=Domain Guests,ou=Group,dc=themusiclink,dc=net
> description: Netbios Domain Guests Users
> sambaSID: S-1-5-21-957249707-1866601452-441284377-514
> sambaGroupType: 2
> displayName: Domain Guests
> structuralObjectClass: posixGroup
> entryUUID: 1a845502-cfad-102d-96b2-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507234700Z
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> gidNumber: 514
> cn: Domain Guests
> userPassword:: e2NyeXB0fXg=
> memberUid: design
> memberUid: fedex
> memberUid: infobox
> memberUid: mailbox
> memberUid: test
> entryCSN: 20090521203023Z#000002#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20090521203023Z
>
> dn: cn=Domain Computers,ou=Group,dc=themusiclink,dc=net
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 515
> cn: Domain Computers
> description: Netbios Domain Computers accounts
> sambaSID: S-1-5-21-957249707-1866601452-441284377-515
> sambaGroupType: 2
> displayName: Domain Computers
> structuralObjectClass: posixGroup
> entryUUID: 1a8ab492-cfad-102d-96b3-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507234700Z
> entryCSN: 20090507234700Z#000004#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20090507234700Z
>
> dn: cn=Administrators,ou=Group,dc=themusiclink,dc=net
> description: Netbios Domain Members can fully administer the computer/sambaDom
> ainName
> sambaSID: S-1-5-32-544
> sambaGroupType: 5
> displayName: Administrators
> structuralObjectClass: posixGroup
> entryUUID: 1a905d16-cfad-102d-96b4-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507234700Z
> objectClass: top
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 544
> cn: Administrators
> userPassword:
> memberUid: administrator
> memberUid: root
> entryCSN: 20090516003337Z#000001#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20090516003337Z
>
> dn: sambaDomainName=MLC,dc=themusiclink,dc=net
> objectClass: top
> objectClass: sambaDomain
> objectClass: sambaUnixIdPool
> sambaDomainName: MLC
> sambaSID: S-1-5-21-957249707-1866601452-441284377
> structuralObjectClass: sambaDomain
> entryUUID: 1aab5d3c-cfad-102d-96b9-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507234701Z
> sambaLockoutThreshold: 0
> sambaRefuseMachinePwdChange: 0
> sambaMinPwdLength: 5
> sambaLogonToChgPwd: 0
> sambaForceLogoff: -1
> sambaMinPwdAge: 0
> sambaMaxPwdAge: -1
> sambaPwdHistoryLength: 0
> gidNumber: 1033
> uidNumber: 1043
> sambaNextRid: 1100
> entryCSN: 20100104223853Z#000002#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20100104223853Z
>
> n: cn=TML.Accounting,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: TML.Accounting
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1145
> structuralObjectClass: posixGroup
> entryUUID: 90185732-cfad-102d-97b9-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1011
> sambaGroupType: 2
> displayName: TML Accounting
> description: Domain Unix group
> memberUid: mailman
> memberUid: mtong
> memberUid: psmith
> memberUid: spatrino
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193050Z#000003#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193050Z
>
> dn: cn=TML.CustomerService,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: TML.CustomerService
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1030
> structuralObjectClass: posixGroup
> entryUUID: 901f89bc-cfad-102d-97ba-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1145
> sambaGroupType: 2
> displayName: TML Customer Service
> description: Domain Unix group
> memberUid: aatz
> memberUid: rbrown
> memberUid: middenm
> memberUid: shipper1
> memberUid: msoyangco
> memberUid: psmith
> memberUid: loliphant
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193050Z#000004#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193050Z
>
> dn: cn=TML.Marketing,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> structuralObjectClass: posixGroup
> entryUUID: 90270db8-cfad-102d-97bb-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1028
> sambaGroupType: 2
> displayName: TML Marketing
> description: Domain Unix group
> gidNumber: 1028
> cn: TML.Marketing
> userPassword:: e2NyeXB0fXg=
> memberUid: aatz
> memberUid: cchan
> memberUid: grich
> memberUid: labels
> memberUid: mailman
> memberUid: mjohans
> memberUid: schen
> memberUid: shipper1
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193050Z#000005#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193050Z
>
> dn: cn=TML,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> cn: TML
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1026
> structuralObjectClass: posixGroup
> entryUUID: 902c14f2-cfad-102d-97bc-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> memberUid: aatz
> memberUid: bjones
> memberUid: bsweinberg
> memberUid: cchan
> memberUid: darguello
> memberUid: dbeasley
> memberUid: ggrimm
> memberUid: grich
> memberUid: jbruno
> memberUid: jlaplaca
> memberUid: jshort
> memberUid: kbyrne
> memberUid: mtong
> memberUid: loliphant
> memberUid: mgosnell
> memberUid: middenm
> memberUid: mjohans
> memberUid: mlekas
> memberUid: msoyangco
> memberUid: psmith
> memberUid: schen
> memberUid: ship1
> memberUid: slevintow
> memberUid: spatrino
> memberUid: sthompson
> memberUid: tatz
> memberUid: tbrownlee
> memberUid: tchum
> memberUid: training
> memberUid: ups
> memberUid: mguiffre
> memberUid: ship2
> memberUid: ship3
> memberUid: ship4
> memberUid: klou
> memberUid: jboron
> memberUid: tocampo
> memberUid: dhaberman
> entryCSN: 20091215225639Z#000002#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091215225639Z
>
> dn: cn=TML.Sales,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: TML.Sales
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1029
> structuralObjectClass: posixGroup
> entryUUID: 903119c0-cfad-102d-97bd-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1006
> sambaGroupType: 2
> displayName: TML Sales
> description: Domain Unix group
> memberUid: jbruno
> memberUid: bsweinberg
> memberUid: loliphant
> memberUid: bjones
> memberUid: jshort
> memberUid: sthompson
> memberUid: mlekas
> memberUid: jlaplaca
> memberUid: mguiffre
> memberUid: kbyrne
> memberUid: klou
> memberUid: tocampo
> memberUid: dhaberman
> entryCSN: 20091215225530Z#000000#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091215225530Z
>
> dn: cn=TML.QA,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> structuralObjectClass: posixGroup
> entryUUID: 903729b4-cfad-102d-97be-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1009
> sambaGroupType: 2
> displayName: TML.QA
> description: Domain Unix group
> gidNumber: 1033
> cn: TML.QA
> userPassword:: e2NyeXB0fXg=
> memberUid: ggrimm
> memberUid: tatz
> memberUid: darguello
> memberUid: grich
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193051Z#000001#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=TML.Purchasing,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: TML.Purchasing
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1034
> structuralObjectClass: posixGroup
> entryUUID: 903bc794-cfad-102d-97bf-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1007
> sambaGroupType: 2
> displayName: TML Purchasing
> description: Domain Unix group
> memberUid: slevintow
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193051Z#000002#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=TML.Warehouse,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: TML.Warehouse
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1035
> structuralObjectClass: posixGroup
> entryUUID: 90406b28-cfad-102d-97c0-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1008
> sambaGroupType: 2
> displayName: TML Warehouse
> description: Domain Unix group
> memberUid: tchum
> memberUid: dbeasley
> memberUid: mgosnell
> memberUid: tbrownlee
> memberUid: rbrown
> memberUid: ups
> memberUid: ship1
> memberUid: ship2
> memberUid: ship3
> memberUid: ship4
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193051Z#000003#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=TML.RTL,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: TML.RTL
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1047
> structuralObjectClass: posixGroup
> entryUUID: 904504a8-cfad-102d-97c1-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1047
> sambaGroupType: 2
> displayName: TML RTL
> description: Domain Unix group
> memberUid: middenm
> memberUid: loliphant
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193051Z#000004#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=AXL,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> cn: AXL
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1036
> structuralObjectClass: posixGroup
> entryUUID: 9049a9ae-cfad-102d-97c2-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> memberUid: mhohman
> memberUid: btownsend
> memberUid: kliu
> memberUid: ljiang
> memberUid: schen
> memberUid: training
> memberUid: vsin
> memberUid: klou
> memberUid: achan
> memberUid: hku
> memberUid: kyao
> memberUid: mlee
> memberUid: mmccoy
> memberUid: tgao
> memberUid: vtomic
> memberUid: wkwan
> memberUid: ycheng
> memberUid: yliu
> memberUid: aku
> memberUid: mwessner
> memberUid: aliu
> memberUid: ichen
> memberUid: jmagana
> memberUid: rhaile
> memberUid: vxue
> memberUid: jli
> memberUid: tbuddingh
> memberUid: vhttech
> memberUid: tocampo
> entryCSN: 20091202193051Z#000005#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=AXL.Sales,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: AXL.Sales
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1037
> structuralObjectClass: posixGroup
> entryUUID: 904b9e80-cfad-102d-97c3-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1005
> sambaGroupType: 2
> displayName: AXL Sales
> description: Domain Unix group
> memberUid: mhohman
> memberUid: btownsend
> memberUid: ljiang
> memberUid: achan
> memberUid: mmccoy
> memberUid: vtomic
> memberUid: aliu
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193051Z#000006#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=AXL.Sales.Manager,ou=Group,dc=themusiclink,dc=net
> structuralObjectClass: posixGroup
> entryUUID: 904fa2fa-cfad-102d-97c4-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1038
> sambaGroupType: 2
> displayName: AXL Sales Manager
> description: Domain Unix group
> gidNumber: 1038
> cn: AXL.Sales.Manager
> userPassword:: e2NyeXB0fXg=
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> memberUid: vtomic
> memberUid: tocampo
> entryCSN: 20091202193051Z#000007#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=AXL.Purchasing,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: AXL.Purchasing
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1039
> structuralObjectClass: posixGroup
> entryUUID: 9054d5f4-cfad-102d-97c5-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1039
> sambaGroupType: 2
> displayName: AXL Purchasing
> description: Domain Unix group
> memberUid: kyao
> memberUid: tgao
> memberUid: wkwan
> memberUid: ycheng
> memberUid: aliu
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193051Z#000008#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=AXL.Purchasing.Manager,ou=Group,dc=themusiclink,dc=net
> structuralObjectClass: posixGroup
> entryUUID: 9059cc12-cfad-102d-97c6-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1040
> sambaGroupType: 2
> displayName: AXL Purchasing Manager
> description: Domain Unix group
> gidNumber: 1040
> cn: AXL.Purchasing.Manager
> userPassword:: e2NyeXB0fXg=
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> memberUid: wkwan
> memberUid: tocampo
> entryCSN: 20091202193051Z#000009#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=AXL.Engineering,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: AXL.Engineering
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1041
> structuralObjectClass: posixGroup
> entryUUID: 905e6b50-cfad-102d-97c7-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1041
> sambaGroupType: 2
> displayName: AXL Engineering
> description: Domain Unix group
> memberUid: aku
> memberUid: aliu
> memberUid: ichen
> memberUid: jmagana
> memberUid: rhaile
> memberUid: klou
> memberUid: jli
> memberUid: tbuddingh
> memberUid: tocampo
> entryCSN: 20091202193051Z#00000a#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=AXL.Engineering.Manager,ou=Group,dc=themusiclink,dc=net
> structuralObjectClass: posixGroup
> entryUUID: 90631006-cfad-102d-97c8-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1042
> sambaGroupType: 2
> displayName: AXL Engineering Manager
> description: Domain Unix group
> gidNumber: 1042
> cn: AXL.Engineering.Manager
> userPassword:: e2NyeXB0fXg=
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> memberUid: jli
> memberUid: aku
> memberUid: tocampo
> memberUid: jmagana
> memberUid: tbuddingh
> entryCSN: 20091221193322Z#000000#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091221193322Z
>
> dn: cn=AXL.CustomerService,ou=Group,dc=themusiclink,dc=net
> structuralObjectClass: posixGroup
> entryUUID: 9067a7c4-cfad-102d-97c9-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1043
> sambaGroupType: 2
> displayName: AXL Customer Service
> description: Domain Unix group
> gidNumber: 1043
> cn: AXL.CustomerService
> userPassword:: e2NyeXB0fXg=
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> memberUid: mmccoy
> memberUid: aliu
> memberUid: ljiang
> memberUid: vsin
> memberUid: tocampo
> entryCSN: 20091202193051Z#00000c#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=AXL.CustomerService.Manager,ou=Group,dc=themusiclink,dc=net
> structuralObjectClass: posixGroup
> entryUUID: 906c48b0-cfad-102d-97ca-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1044
> sambaGroupType: 2
> displayName: AXL Customer Service Manager
> description: Domain Unix group
> gidNumber: 1044
> cn: AXL.CustomerService.Manager
> userPassword:: e2NyeXB0fXg=
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> memberUid: ljiang
> memberUid: vsin
> memberUid: tocampo
> entryCSN: 20091202193051Z#00000d#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=AXL.Accounting,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: AXL.Accounting
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1045
> structuralObjectClass: posixGroup
> entryUUID: 9070ec4e-cfad-102d-97cb-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1045
> sambaGroupType: 2
> displayName: AXL Accounting
> description: Domain Unix group
> memberUid: kliu
> memberUid: hku
> memberUid: mlee
> memberUid: aliu
> memberUid: vxue
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193051Z#00000e#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: cn=AXL.Accounting.Manager,ou=Group,dc=themusiclink,dc=net
> objectClass: posixGroup
> objectClass: top
> objectClass: sambaGroupMapping
> cn: AXL.Accounting.Manager
> userPassword:: e2NyeXB0fXg=
> gidNumber: 1046
> structuralObjectClass: posixGroup
> entryUUID: 90758614-cfad-102d-97cc-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235018Z
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1046
> sambaGroupType: 2
> displayName: AXL Accounting Manager
> description: Domain Unix group
> memberUid: kliu
> memberUid: hku
> memberUid: klou
> memberUid: tocampo
> entryCSN: 20091202193051Z#00000f#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091202193051Z
>
> dn: uid=inez$,ou=People,dc=themusiclink,dc=net
> uid: inez$
> sambaSID: S-1-5-21-957249707-1866601452-441284377-2326
> displayName: INEZ$
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 1233688280
> sambaPwdMustChange: 2147483647
> sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
> 00000000
> sambaLogonHours: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
> sambaAcctFlags: [W ]
> sambaBadPasswordCount: 0
> sambaBadPasswordTime: 0
> objectClass: sambaSamAccount
> objectClass: account
> structuralObjectClass: account
> entryUUID: a4090ae8-cfad-102d-97cf-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235051Z
> sambaNTPassword: EB97ADC8AE0B0D345521BA0B4ED10410
> sambaPwdLastSet: 1262646184
> entryCSN: 20100104230304Z#000000#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20100104230304Z
>
> dn: uid=mguiffre$,ou=People,dc=themusiclink,dc=net
> uid: mguiffre$
> sambaSID: S-1-5-21-957249707-1866601452-441284377-2358
> displayName: MGUIFFRE$
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 1203349442
> sambaPwdMustChange: 2147483647
> sambaNTPassword: B4477BB59E8B04EE0635CEE872F9E3E1
> sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
> 00000000
> sambaPwdLastSet: 1203349442
> sambaLogonHours: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
> sambaAcctFlags: [W ]
> sambaBadPasswordCount: 0
> sambaBadPasswordTime: 0
> objectClass: sambaSamAccount
> objectClass: account
> structuralObjectClass: account
> entryUUID: a4420226-cfad-102d-97d0-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235051Z
> entryCSN: 20090507235051Z#000013#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20090507235051Z
>
> dn: uid=MICHAEL$,ou=People,dc=themusiclink,dc=net
> uid: MICHAEL$
> sambaSID: S-1-5-21-957249707-1866601452-441284377-2244
> displayName: MICHAEL$
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 1235874383
> sambaPwdMustChange: 2147483647
> sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
> 00000000
> sambaLogonHours: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
> sambaAcctFlags: [W ]
> sambaBadPasswordCount: 0
> sambaBadPasswordTime: 0
> objectClass: sambaSamAccount
> objectClass: account
> structuralObjectClass: account
> entryUUID: a4749e8e-cfad-102d-97d1-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235052Z
> sambaNTPassword: C4FCBF20D7CF3EC3595535D90CCCA660
> sambaPwdLastSet: 1262238476
> entryCSN: 20091231054756Z#000000#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20091231054756Z
>
> dn: uid=lrrr$,ou=People,dc=themusiclink,dc=net
> uid: lrrr$
> sambaSID: S-1-5-21-957249707-1866601452-441284377-1014
> displayName: Computer Acct
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> sambaPwdMustChange: 0
> sambaNTPassword: 01F5F78FF4DC2A00D532520533E2108D
> sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
> 00000000
> sambaPwdLastSet: 0
> sambaLogonHours: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
> sambaAcctFlags: [W ]
> sambaBadPasswordCount: 0
> sambaBadPasswordTime: 0
> objectClass: sambaSamAccount
> objectClass: account
> structuralObjectClass: account
> entryUUID: a47af162-cfad-102d-97d2-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235052Z
> entryCSN: 20090507235052Z#000005#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20090507235052Z
>
> dn: uid=RYAN$,ou=People,dc=themusiclink,dc=net
> uid: RYAN$
> sambaSID: S-1-5-21-957249707-1866601452-441284377-2260
> displayName: THE-M47RJJ9T53W$
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 1234524689
> sambaPwdMustChange: 2147483647
> sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
> 00000000
> sambaLogonHours: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
> sambaAcctFlags: [W ]
> sambaBadPasswordCount: 0
> sambaBadPasswordTime: 0
> objectClass: sambaSamAccount
> objectClass: account
> structuralObjectClass: account
> entryUUID: a480f800-cfad-102d-97d3-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235052Z
> sambaNTPassword: 9656CE740570EBB847AD131D65E3BBEB
> sambaPwdLastSet: 1246490780
> entryCSN: 20090701232620Z#000000#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20090701232620Z
>
> dn: uid=salesspare$,ou=People,dc=themusiclink,dc=net
> uid: salesspare$
> sambaSID: S-1-5-21-957249707-1866601452-441284377-2410
> displayName: SALESSPARE$
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 1233972359
> sambaPwdMustChange: 2147483647
> sambaNTPassword: 75B1501C5F90B5D23F824AB99CA47E14
> sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
> 00000000
> sambaPwdLastSet: 1233972359
> sambaLogonHours: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
> sambaAcctFlags: [W ]
> sambaBadPasswordCount: 0
> sambaBadPasswordTime: 0
> objectClass: sambaSamAccount
> objectClass: account
> structuralObjectClass: account
> entryUUID: a503c17c-cfad-102d-97d4-6fd9fc452718
> creatorsName: cn=Manager,dc=themusiclink,dc=net
> createTimestamp: 20090507235053Z
> entryCSN: 20090507235053Z#000004#00#000000
> modifiersName: cn=Manager,dc=themusiclink,dc=net
> modifyTimestamp: 20090507235053Z
>
>
>
>
> Kris Louklou at themusiclink.net
>
>
>
> On Mon, Jan 18, 2010 at 2:06 PM, Rob Shinn <morgan at tuxedo.darktech.org> <morgan at tuxedo.darktech.org> wrote:
>
>
> Kris Lou wrote:
>
>
> I've checked my ldif's - the groups exist, the users exists as
> memberids, but it looks like samba is only checking the gid?
>
>
>
> Can you post the LDIFs of your groups (you can edit out any incriminating
> evidence ;)? Sounds like your groups are lacking correct sambaSID or
> sambaGroupType attributes.
>
>
>
>
>
More information about the samba
mailing list