[Samba] samba3/ldap/net groupmap fails
Beast
indorama at rad.net.id
Fri Dec 12 08:25:26 GMT 2003
Friday, December 12, 2003, 6:17:30 AM, John wrote:
>>
>> I don't understand why it is like this...
>>
>> Fabien
>>
> are you suggesting this may be a problem with samba3? because i've been
> trying to resolve this issue for several days now, thinking there must
> be a problem with our ldap setup. somehow, it seems strange that this
> could be a problem with samba. we thought that perhaps samba didn't like
> something in our ldap. surely others are able to get the ntgroups to
> show correctly with ldapsam as the first backend....otherwise, no one
> would have a working samba3/ldap setup.
> putting tdpsam as the first backend allows for ntgroups, but since we
> don't use it, none of our profiles load if we do this. users get stuck
> with temp profiles.
> this is driving me bonkers:-)
Hi,
1. you must create group mapping manually.
2. unix group you've assigning to "Domain Admins" MUST be in ldap (not
in /etc/group).
ie.
root# net groupmap modify rid=512 -d1 ntgroup="Domain Admins"
unixgroup=domadmin
the domadmin group must be stored in ldap, not /etc/group.
i found lot of typo or incorrect info in smb howto collection, i've
ordering the printable version on amazon, hopefully it has different
content than the online version.
> --john
--beast
More information about the samba
mailing list