group mapping

Bradley W. Langhorst brad at langhorst.com
Sat Aug 10 04:55:27 GMT 2002 

Now that I'm reading the current code i've found a few debug statements
that might help.

[2002/08/09 12:33:49, 10] rpc_server/srv_samr_nt.c:load_group_domain_entries(271)
  load_group_domain_entries
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group System Operators is not of the requested
type
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(797)
  enum_group_mapping: group Domain Users is non mapped
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group Replicators is not of the requested type
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group Guests is not of the requested type
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group Power Users is not of the requested type
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group Print Operators is not of the requested type
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group Administrators is not of the requested type
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group power_users is not of the requested type
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group Domain Admins is not of the requested type
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(797)
  enum_group_mapping: group Domain Guests is non mapped
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group Account Operators is not of the requested
type
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group Backup Operators is not of the requested
type
[2002/08/09 12:33:49, 11] groupdb/mapping.c:enum_group_mapping(791)
  enum_group_mapping: group Users is not of the requested type
[2002/08/09 12:33:49, 12]
rpc_server/srv_samr_nt.c:load_group_domain_entries(310)
  load_group_domain_entries: done


that function is passed SID_NAME_DOM_GRP
and this code checks it


00789                 /* list only the type or everything if UNKNOWN */
00790                 if (sid_name_use!=SID_NAME_UNKNOWN  &&
sid_name_use!=map.sid_name_use) {
00791                         DEBUG(11,("enum_group_mapping: group %s is
not of the requested type\n", map.nt_name));
00792                         free_privilege(set);
00793                         continue;
00794                 }

it's not type UNKNOWN its SID_NAME_DOM_GRP
so the testing to see if it is in the map causes rejection of the group

map.sid_name_use presumably should be SID_NAME_DOM_GRP but it is not...
i'm recompiling now to find out what it is...

Am i correct that 
00762                 ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddffd",
00763                                  &map.gid, &map.sid_name_use,
&map.nt_name, &map.comment, &map.systemaccount);
reads in the group mapping from group_mapping.tdb

brad

More information about the samba-technical mailing list