[Samba] samba 3.0 and group mapping

Thomas Stegbauer tsmailing at tronicplanet.de
Tue Jul 2 00:45:04 GMT 2002


hi list,

i am playing with samba 3.0 alpha 17 from cvs 20020701 and global groups 
running as pdc.

i installed to /usr/local/samba30 (having the lock dir under 
/var/lock/samba30). i mapped some unix groups, but the dont appear as 
global group. on the w2k sp1 machine. i have also no domain admins 
right. the domain logon itself works fine.

any ideas?


btw: swat doesnt not work for me, it brings on the netscape client: 
document contains now data. just for information.

thanx 4 any answers
thomas


output from smbgroupedit

NT group (SID) -> Unix group
System Operators (S-1-5-32-549) -> -1
Replicators (S-1-5-32-552) -> -1
Guests (S-1-5-32-546) -> -1
Domain Admins (S-1-5-21-3013901393-2549662177-2794664770-512) -> tpuseradmin
Domain Guests (S-1-5-21-3013901393-2549662177-2794664770-514) -> nogroup
neuburger (S-1-5-21-3013901393-2549662177-2794664770-2001) -> service
Power Users (S-1-5-32-547) -> -1
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> -1
Account Operators (S-1-5-32-548) -> -1
Domain Users (S-1-5-21-3013901393-2549662177-2794664770-513) -> users
tronicplanet (S-1-5-21-3013901393-2549662177-2794664770-1219) -> 
tronicplanet
Backup Operators (S-1-5-32-551) -> -1
Users (S-1-5-32-545) -> -1


i added the tronicplanet group with "smbgroupedit -a tronicplanet -td"

Domain Admins
         SID       : S-1-5-21-3013901393-2549662177-2794664770-512
         Unix group: tpuseradmin
         Group type: Unknown type
         Comment   :
         Privilege : SaAddUsers SeMachineAccountPrivilege SaPrintOp

tronicplanet
         SID       : S-1-5-21-3013901393-2549662177-2794664770-1219
         Unix group: tronicplanet
         Group type: Local group
         Comment   : Local Unix group
         Privilege : No privilege




smb.conf

[global]
#       code page directory = /etc/samba30/codepages
         workgroup = TP-SAMBA
         netbios name = TRONIC-PDC
         interfaces = 192.168.0.31/255.255.255.192
         bind interfaces only = Yes
         encrypt passwords = Yes
         security = user
#       password server = venus
         map to guest = Bad User
#       passwd program = /usr/local/sbin/ldapsync.pl -o %u
#       passwd chat = *New*password* %n\n *Retype*new*password* %n\n 
*modifying*
         log file = /var/log/samba30/%m
         debug pid = Yes
         debug uid = Yes
         large readwrite = Yes
         time server = Yes
         socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY 
SO_SNDBUF=8192 SO_RCVBUF=8192
         load printers = No
#       character set = ISO8859-15
#       domain admin group = @smbadm
         logon path =
         logon home =
         domain logons = Yes
         use spnego = no
         os level = 64
         wins support = Yes
         passdb backend = ldapsam:ldap://localhost
#       ldap port = 389
#       ldap server = sonne.tronicplanet.de
         ldap suffix = dc=tronicplanet,dc=de
         ldap admin dn = uid=root,dc=tronicplanet,dc=de
         ldap ssl = no
         lock dir = /var/lock/samba30
         pid directory = /var/run/samba30
         socket address = 192.168.0.31
         host msdfs = Yes
#       admin users = @smbadm
#       printer admin = @smbprtadm
         printing = cups
         veto files = /*.eml/*.nws/riched20.dll/*.{*}/
         veto oplock files = /*.mdb/*.MDB/*.ldb/*.LDB/*.xls/*.XLS






More information about the samba mailing list