domain map group fail

Luke Kenneth Casson Leighton lkcl at samba.org
Thu Jan 20 04:17:17 GMT 2000


On Thu, 20 Jan 2000, Vladimir Stavrinov wrote:

> On  Thu, 20 Jan 2000 14:17:06 +1100   Luke Kenneth Casson Leighton  wrote:
> -------- 
> 
> > hi vladimir,
> > 
> > the /etc/domaingroup.map file etc, it's world readable, right?  this is
> 
> Yes, I am aware of this. This configuration is not changing for an
> year or more at all and I had no problems until start the TNG.

argh.  ok, can you try [latest cvs] again, and use rpcclient -S
yoursambaserver -U% -l log and do the following commands:

lsaquery
enumusers
enumgroups
enumaliases

then, pick an alias and a group that you _know is in the map files, and
do:

lookupnames "the alias name" "the group name" "maybe even a username"

you should get some SIDs back.  strip off all but the last RID, and do:

lookupsids the-alias-rid the-group-rid maybe-even-the-username-rid

you _should_ get the same alias, group and user names back, and it
_should_ identify them correctly by type as well (thanks to elrond for
that type patch!)



More information about the samba-ntdom mailing list