[Samba] 3.0 alpha23 ldapsam/group mapping issue
satadru at umich.edu
satadru at umich.edu
Sat Apr 19 18:22:32 GMT 2003
I just moved from using samba 2.2.5 using ldapsam on a mac os x server
10.2.5 system to samba 3.0 alpha23. I have this samba server acting as a
PDC. I would like to enable group mappings but am having an issue.
This is the first group mapping error I get when a user first logs in:
ldap_connect_system: succesful connection to the LDAP server
[2003/04/19 13:39:00, 2]
/Users/admin/newsamba/samba-3.0alpha23/source/passdb/p
db_ldap.c:init_sam_from_ldap(1059)
Entry found for user: sambauser
[2003/04/19 13:39:00, 2]
/Users/admin/newsamba/samba-3.0alpha23/source/passdb/p
db_ldap.c:ldapsam_search_one_group(2187)
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gi
dNumber=1002))]
[2003/04/19 13:39:00, 2]
/Users/admin/newsamba/samba-3.0alpha23/source/passdb/p
db_ldap.c:ldapsam_search_one_group(2187)
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gi
dNumber=-1))]
[2003/04/19 13:39:00, 2]
/Users/admin/newsamba/samba-3.0alpha23/source/passdb/p
db_ldap.c:ldapsam_search_one_group(2187)
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber
=-1))]
[2003/04/19 13:39:00, 2]
/Users/admin/newsamba/samba-3.0alpha23/source/passdb/p
db_ldap.c:ldapsam_add_group_mapping_entry(2423)
Group -1 must exist exactly once in LDAP
I also get this error when running this command:
sudo smbgroupedit -c "Domain Admins" -u domadmin
(domadmin does exist as a group in ldap)
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(|(displayName=Domain
Admins)(cn=Domain Admins)))]
ldapsam_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=-1))]
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=-1))]
Group -1 must exist exactly once in LDAP
NT Group Domain Admins doesn't exist in mapping DB
There actually DOES exist a group called "nogroup" that has an entry of
gidNumber=-1.
What am I doing wrong?
Any assistance would be appreciated.
satadru pramanik
Systems Administrator,
Intercooperative Council of Ann Arbor
--
satadru at umich.edu
For a successful technology, reality must take precedence over
public relations, for nature cannot be fooled.
-R. P. Feynman,
Personal observations on the reliability of the Shuttle
More information about the samba
mailing list