adding entry for group Domain Admins failed!

Gabriele Verzeletti gabriele at verzeletti.org
Wed Oct 27 12:31:44 GMT 2004


Hi all
	I try to setup samba+ldap PDC

My config:

Fedora core 2
samba-3.0.7-2.FC2
openldap-2.2.17
smbldap-tools-0.8.5-1.1

[slapd.conf]
include         /usr/local/openldap/etc/openldap/schema/core.schema
include         /usr/local/openldap/etc/openldap/schema/cosine.schema
include         /usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include         /usr/local/openldap/etc/openldap/schema/nis.schema
include         /usr/local/openldap/etc/openldap/schema/samba.schema

# Allow LDAPv2 client connections.  This is NOT the default.
allow bind_v2

pidfile         /usr/local/openldap/var/run/slapd.pid
argsfile        /usr/local/openldap/var/run/slapd.args

database        bdb
suffix          "dc=samba,dc=lan"
rootdn          "cn=Manager,dc=samba,dc=lan"
rootpw          {SSHA}2EqXU0QdxPlGu0FZCPbAhf/3jvaJfIVB

directory       /usr/local/openldap/var/openldap-data

index   objectClass     eq
index cn                      pres,sub,eq
index sn                      pres,sub,eq
index uid                     pres,sub,eq
index displayName             pres,sub,eq
index uidNumber               eq
index gidNumber               eq
index memberUid               eq
index   sambaSID              eq
index   sambaPrimaryGroupSID  eq
index   sambaDomainName       eq
index   default               sub

[smb.conf]

[global]
    workgroup = SAMBA.LAN
netbios name = SAMBASRV
passdb backend = ldapsam:ldap://localhost
username map = /etc/samba/smbusers
printcap name = cups
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel %u
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/sbin/smbldap-useradd -w '%u'
logon script = scripts\logon.bat
logon path = \\%L\Profiles\%U
logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
ldap suffix = dc=samba,dc=lan
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=People
ldap idmap suffix = ou=People
ldap admin dn = cn=Manager, dc=samba, dc=lan
ldap ssl = no
ldap passwd sync = Yes
    idmap uid = 15000-20000
    idmap gid = 15000-20000
    winbind separator = +
printing = cups
log file = /var/log/samba/log.%m
log level = 1

    security = user
    template shell = /bin/false
    winbind use default domain = no
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
# Printing auto-share (makes printers available thru CUPS)
[printers]
comment = All Printers
path = /var/spool/samba
printer admin = root
create mask = 0600
guest ok = Yes
printable = Yes
browseable = No
[print$]
comment = Printer Drivers Share
path = /var/lib/samba/drivers
write list = root
printer admin = maryo, root
# Needed to support domain logons
[netlogon]
comment = Network Logon Service
path = /home/netlogon
admin users = root
guest ok = Yes
browseable = No
[Profiles]
comment = Roaming Profile Share
path = /home/profiles
read only = No
profile acls = Yes

Whe i try to assign unix group to NT groups:

"net groupmap list"
result nothing

"net groupmap add ntgroup="Domain Admins" unixgroup=root rid=512"
The system say:
"adding entry for group Domain Admins failed!"

Here's ldap.log

Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_search
Oct 27 13:36:31 SambaSrv slapd[32461]: 
bdb_dn2entry("ou=people,dc=samba,dc=lan")
Oct 27 13:36:31 SambaSrv slapd[32461]: search_candidates: 
base="ou=people,dc=samba,dc=lan" (0x00000003) scope=2
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_dn2idl( 
"ou=people,dc=samba,dc=lan" )
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: 
@ou=people,dc=samba,dc=lan
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_dn2idl: id=3 first=3 last=9
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates 
(objectClass)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [b49d1940]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read: failed (-30990)
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=0, 
first=0, last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates 
(objectClass)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [fd83b1e1]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read 6 candidates
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=6, 
first=10, last=15
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates 
(objectClass)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [62aec1bc]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read: failed (-30990)
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=0, 
first=0, last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates 
(gidNumber)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [4e19954c]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read: failed (-30990)
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=0, 
first=0, last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_search_candidates: id=0 
first=3 last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_search: no candidates
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_result: conn=31 op=39 p=3
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_result: err=0 
matched="" text=""
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_response: msgid=40 
tag=101 err=0
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_get(10)
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_get(10): got connid=31
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_read(10): checking for 
input on id=31
Oct 27 13:36:31 SambaSrv slapd[32461]: ber_get_next on fd 10 failed 
errno=11 (Resource temporarily unavailable)
Oct 27 13:36:31 SambaSrv slapd[32461]: do_search
Oct 27 13:36:31 SambaSrv slapd[32461]: >>> dnPrettyNormal: 
<ou=People,dc=samba,dc=lan>
Oct 27 13:36:31 SambaSrv slapd[32461]: <<< dnPrettyNormal: 
<ou=People,dc=samba,dc=lan>, <ou=people,dc=samba,dc=lan>
Oct 27 13:36:31 SambaSrv slapd[32461]: SRCH "ou=People,dc=samba,dc=lan" 2 0
Oct 27 13:36:31 SambaSrv slapd[32461]:     0 0 0
Oct 27 13:36:31 SambaSrv slapd[32461]:     filter: 
(&(objectClass=sambaIdmapEntry)(gidNumber=0))
Oct 27 13:36:31 SambaSrv slapd[32461]:     attrs:
Oct 27 13:36:31 SambaSrv slapd[32461]:  sambaSID
Oct 27 13:36:31 SambaSrv slapd[32461]:  uidNumber
Oct 27 13:36:31 SambaSrv slapd[32461]:  gidNumber
Oct 27 13:36:31 SambaSrv slapd[32461]:  objectClass
Oct 27 13:36:31 SambaSrv slapd[32461]:
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_search
Oct 27 13:36:31 SambaSrv slapd[32461]: 
bdb_dn2entry("ou=people,dc=samba,dc=lan")
Oct 27 13:36:31 SambaSrv slapd[32461]: search_candidates: 
base="ou=people,dc=samba,dc=lan" (0x00000003) scope=2
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_dn2idl( 
"ou=people,dc=samba,dc=lan" )
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: 
@ou=people,dc=samba,dc=lan
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_dn2idl: id=3 first=3 last=9
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates 
(objectClass)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [b49d1940]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read: failed (-30990)
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=0, 
first=0, last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates 
(objectClass)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [62aec1bc]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read: failed (-30990)
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=0, 
first=0, last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_search_candidates: id=0 
first=3 last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_search: no candidates
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_result: conn=31 op=40 p=3
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_result: err=0 
matched="" text=""
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_response: msgid=41 
tag=101 err=0
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_get(10)
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_get(10): got connid=31
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_read(10): checking for 
input on id=31
Oct 27 13:36:31 SambaSrv slapd[32461]: ber_get_next on fd 10 failed 
errno=0 (Success)
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_read(10): input 
error=-2 id=31, closing.
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_closing: readying 
conn=31 sd=10 for close
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_close: conn=31 sd=10



Oct 27 13:36:31 SambaSrv slapd[32461]: ber_get_next on fd 10 failed 
errno=11 (Resource temporarily unavailable)  <---- What's mean ??

Thx all for support !!!


More information about the samba-technical mailing list