rc4 ldap backend groupmap bug?

godfrey godber at win.co.nz
Sun Sep 14 08:25:22 GMT 2003 

Yes have tried after your initial advice last week, I waited to see if 
it would get fixed in next rc but as did not reported.

When tdb is backend it works fine but when ldap is the backend it does 
not work.

[root at server01 extract]# net3 groupmap add ntgroup=test unixgroup=sys 
type=l rid=23000
[2003/09/14 20:14:36, 0] 
passdb/pdb_ldap.c:ldapsam_add_group_mapping_entry(1866)
  ldapsam_add_group_mapping_entry: Group 3 already exists in LDAP
adding entry for group test failed!

The code in passdb/pdb_ldap.c is I would guess supossed to give this 
error but it is not consistent with tdb backend.

Godfrey



John H Terpstra wrote:

>On Sun, 14 Sep 2003, godfrey wrote:
>
>  
>
>>When trying to add a groupmap entry for a unix group that already has a
>>groupmap entry I get the following
>>error "ldapsam_add_group_mapping_entry: Group 3 already exists in LDAP"
>>
>>I can reproduce this with rc1 to rc4
>>
>>It does not happen if use tdb backend, is ldap backend supposed to be
>>different?
>>
>>I am running mandrake samba3 packages thus net3 instead of net.
>>
>>John H Terpstra in an email to samba list said *
>>*
>>
>>"Not quite! You can not have more than one NT Domain Group per UNIX Group.
>>But you can have more than on NT Local Group per UNIX group.
>>
>>Try:
>>
>>net groupmap add ntgroup="Flying Pigs" unixgroup=sys type=l"
>>
>>see http://lists.samba.org/pipermail/samba/2003-September/000074.html
>>
>>so I assume ldap behaviour is wrong.
>>    
>>
>
>Have you tried:
>
>net groupmap add ntgroup=test unixgroup=sys type=l rid=23000
>
>- John T.
>
>  
>
>>Commands entered below
>>
>>[root at server01 samba3]# net3 groupmap list
>>Administrators (S-1-5-21-1617713866-2789119093-1479812082-512) -> root
>>Backup Operators (S-1-5-32-551) -> bin
>>Replicators (S-1-5-21-1617713866-2789119093-1479812082-1005) -> daemon
>>Power Users (S-1-5-32-547) -> sys
>>Print Operators (S-1-5-32-550) -> lp
>>Domain Admins (S-1-5-21-1617713866-2789119093-1479812082-21003) -> ntadmin
>>Staff (S-1-5-21-1617713866-2789119093-1479812082-22001) -> staff
>>Accounts (S-1-5-21-1617713866-2789119093-1479812082-22005) -> accounts
>>Family (S-1-5-21-1617713866-2789119093-1479812082-22007) -> family
>>Domain Guests (S-1-5-21-1617713866-2789119093-1479812082-514) -> nogroup
>>[root at server01 samba3]# net3 groupmap add ntgroup=test unixgroup=sys type=l
>>No rid or sid specified, choosing algorithmic mapping
>>[2003/09/14 19:29:06, 0]
>>passdb/pdb_ldap.c:ldapsam_add_group_mapping_entry(1866)
>>  ldapsam_add_group_mapping_entry: Group 3 already exists in LDAP
>>adding entry for group test failed!
>>
>>
>>Regards
>>
>>Godfrey
>>
>>
>>    
>>
>
>  
>

More information about the samba-technical mailing list