[Samba] Re: Group mapping problem

Gonzalo Aguilera gaguilera at diputacionavila.es
Tue Dec 16 12:00:35 GMT 2003 

Hi,

I'm using tdb and Samba 3.0.0

in /etc/group I have

    domadm:x:502:yo,tu

net groupmap

    Domain Admins (S-1-5-21-1113206677-1823813211-1234567-512) -> domadm

Output of testparm:

Processing section "[netlogon]"
Processing section "[profiles]"
Processing section "[homes]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
# Global parameters
[global]
 unix charset = ISO-8859-15
 display charset = ISO-8859-15
 workgroup = MYDOMAIN
 netbios name = SERVIDOR
 root directory = administrator
 add machine script = /usr/sbin/useradd -d /dev/null -g maquinas -s
/bin/false -M %u
 logon script = logon.bat
 logon path = \\%N\profiles\%u
 logon drive = I:
 logon home = \\%N\profiles\%u\.profiles
 domain logons = Yes
 os level = 64
 preferred master = Yes
 domain master = Yes

[netlogon]
 path = /usr/local/samba/lib/netlogon
 browseable = No

[profiles]
 path = /profiles
 read only = No
 create mask = 0600
 directory mask = 0700
 browseable = No

[homes]
 read only = No
 create mask = 0770
 directory mask = 0770
 browseable = No

Thanks.

----- Original Message -----
From: "Jérôme Fenal" <jerome.fenal at logicacmg.com>
To: <samba at lists.samba.org>
Sent: Monday, December 15, 2003 1:55 PM
Subject: [Samba] Re: Group mapping problem


> Gonzalo Aguilera wrote:
> >     Hi,
> >
> >         I have Samba 3 as Domain controller. From a Windows 2000
Professional I share a folder (c:\test) with access permission for certain
domain user (MYDOMAIN\yo). I can access to that folder from other w2000 with
that user validated into it. If I add that user to a unix group (domadm) and
map this group to Domain Admins (net groupmap modify ntgroup="Domain Admins"
unixgroup=domadm) and change w2000 shared folder access permission for group
MYDOMAIN\Domain Admins I get Access Denied. What's wrong?
> >
> >     Thanks.
> Please include more informations about your setup :
> - What sam type are you using (tdb, ldap, etc.) ?
> - Include a copy of testparm output
> - Include the content of the mapping (ie. which RID dd you give to the
> domadmin group?)
> - What version of Samba 3 (3.0.0, 3.0.1pre?, 3.0.1rc?)
> - and any more information that would be valuable to answer you
>
> Regards,
>
> Jérôme
>
> --
> Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre
> Groupe Expert & Managed Services - LogicaCMG France
> http://www.logicacmg.com/fr/ - <mailto:jerome.fenal AT logicacmg.com>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list