domain map group fail
Greg Dickie
greg at discreet.com
Thu Jan 20 12:27:58 GMT 2000
Yes but he said its been working for a while UNTIL he switched to TNG. AFAIK
this world readable thing started in TNG - my old 2.1 PDC has the domain groups
in private.
Greg
On 20-Jan-00 Luke Kenneth Casson Leighton wrote:
> On Thu, 20 Jan 2000, Vladimir Stavrinov wrote:
>
>> On Thu, 20 Jan 2000 14:17:06 +1100 Luke Kenneth Casson Leighton wrote:
>> --------
>>
>> > hi vladimir,
>> >
>> > the /etc/domaingroup.map file etc, it's world readable, right? this is
>>
>> Yes, I am aware of this. This configuration is not changing for an
>> year or more at all and I had no problems until start the TNG.
>
> argh. ok, can you try [latest cvs] again, and use rpcclient -S
> yoursambaserver -U% -l log and do the following commands:
>
> lsaquery
> enumusers
> enumgroups
> enumaliases
>
> then, pick an alias and a group that you _know is in the map files, and
> do:
>
> lookupnames "the alias name" "the group name" "maybe even a username"
>
> you should get some SIDs back. strip off all but the last RID, and do:
>
> lookupsids the-alias-rid the-group-rid maybe-even-the-username-rid
>
> you _should_ get the same alias, group and user names back, and it
> _should_ identify them correctly by type as well (thanks to elrond for
> that type patch!)
---------------------------------------------------------------------
Greg Dickie
Just A Guy*
*from discreet (the logic is gone)
Montreal
(514) 954-7171
greg at discreet.com
More information about the samba-ntdom
mailing list