BUG #281 / Only SIDs displayed on Win 2K

Gerald (Jerry) Carter jerry at samba.org
Wed Dec 10 16:57:45 GMT 2003

Hash: SHA1

Pierre Filippone wrote:

| I traced the error with ethereal and found that the grouplist
| is returned properly (ENUM_DOM_GROUPS) by the trusted DC but
| the group members are not (QUERY_GROUPMEM). The samba log
| on the trusted domain controller shows:
|   _samr_query_groupmem: access check ((granted: 0x00020011;
|     required: 0x00000010)
|   ldapsam_search_one_group: searching for:...
|   smbldap_open: cannot access LDAP when not root..

I think i just fixed this in the SAMBA_3_0 cvs (will be
included in 3.0.1rc2).  Please retest and let me know.

| Question number 2:
| When I try to list domain users/groups on share permissions
| or on filesystem permissions on a Win2k member server in a
| Samba 3 LDAP Domain, I see only the user's/group's SIDs and
| not their uids. This happens after logging off and on
| or after rebooting.  Installing the share is no problem. All
| users and groups can be displayed and selected properly
| with their uids/names. Probably the resolution from SID to uid
| does not work under special conditions.
| Everything works fine on Win2003 and WinXP domain members.
| This error happens only in Samba versions 3.0.1x. A
| downgrade to 3.0.0 solves the problem immediately.

I'm trying to track this down with Aurélien but
not making much progress.  If you could also send me
some traces that would be helpful.  Thanks.

- --
cheers, jerry
~ ----------------------------------------------------------------------
~ Hewlett-Packard            ------------------------- http://www.hp.com
~ SAMBA Team                 ---------------------- http://www.samba.org
~ GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
~ "If we're adding to the noise, turn off this song" --Switchfoot (2003)
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba-technical mailing list