[Samba] uncovering groupmap problems

Craig White craigwhite at azapple.com
Mon Dec 22 17:19:20 GMT 2003 

On Mon, 2003-12-22 at 10:09, Stéphane Purnelle wrote:
> Craig White a écrit :
> 
> >On Mon, 2003-12-22 at 09:24, Stéphane Purnelle wrote:
> >  
> >
> >>Craig White a écrit :
> >>
> >>    
> >>
> >>>On Mon, 2003-12-22 at 09:12, Stéphane Purnelle wrote:
> >>> 
> >>>
> >>>      
> >>>
> >>>>>On Mon, 2003-12-22 at 07:46, Stéphane Purnelle wrote:
> >>>>>
> >>>>>
> >>>>>     
> >>>>>
> >>>>>          
> >>>>>
> >>>>>>dn: cn=Domain Users,ou=Groups,o=Mullen,c=US
> >>>>>>objectClass: posixGroup
> >>>>>>objectClass: sambaGroupMapping
> >>>>>>gidNumber: 513
> >>>>>>cn: Domain Users
> >>>>>>description: Netbios Domain Users
> >>>>>>sambaSID: S-1-5-21-3186189368-1246494298-1334198317-513
> >>>>>>sambaGroupType: 2
> >>>>>>displayName: Domain Users
> >>>>>>
> >>>>>>dn: cn=root,ou=Group,o=Mullen,c=US
> >>>>>>objectClass: posixGroup
> >>>>>>objectClass: top
> >>>>>>cn: root
> >>>>>>gidNumber: 0
> >>>>>>
> >>>>>>I see in this desciption that root is in sub-tree ou=Group and Domain Users is in sub-tree ou=Groups, it's normal or not ?
> >>>>>>  
> >>>>>>
> >>>>>>       
> >>>>>>
> >>>>>>            
> >>>>>>
> >>>>>----
> >>>>>Yes, that is how I thought it was supposed to work.
> >>>>>
> >>>>>Thus all of the group info migrated from /etc/group went into ou=Group
> >>>>>
> >>>>>and all of the group info migrated from smbldap-populate.pl and
> >>>>>hence-forth via LDAP assignments went into ou=Groups
> >>>>>
> >>>>>No?
> >>>>>     
> >>>>>
> >>>>>          
> >>>>>
> >>>And in your smb.conf what group suffix have you specified ?
> >>>---
> >>>moved top post to bottom for continuity...
> >>>
> >>>       ldap group suffix = ou=Groups
> >>>       ldap user suffix = ou=People
> >>>       ldap machine suffix = ou=Computers
> >>>
> >>>Craig
> >>>
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>Ok, I think that is the problem, samba try to modfiy group "root" and 
> >>cannot midify because is in ou=group.
> >>Samba search in ou = groups
> >>Can you try your command after moved
> >>
> >>dn: cn=root,ou=Group,o=Mullen,c=US
> >>objectClass: posixGroup
> >>objectClass: top
> >>cn: root
> >>gidNumber: 0
> >>
> >>TO
> >>
> >>dn: cn=root,ou=Groups,o=Mullen,c=US
> >>objectClass: posixGroup
> >>objectClass: top
> >>cn: root
> >>gidNumber: 0
> >>    
> >>
> >---
> >added new record cn=root,ou=Groups,o=Mullen,c=US (left the other in
> >Group)
> >
> >close but still didn't work
> >
> ># net groupmap modify ntgroup="Domain Users" unixgroup=root
> >net: ../../../libraries/liblber/decode.c:500: ber_scanf: Assertion
> >`((ber)->ber_opts.lbo_valid==0x2)' failed.
> >Aborted
> >[root at linserv2 migration]# net groupmap modify
> >sid=S-1-5-21-3186189368-1246494298-1334198317-512 ntgroup="Domain Users"
> >unixgroup=root type=domain
> >net: ../../../libraries/liblber/decode.c:500: ber_scanf: Assertion
> >`((ber)->ber_opts.lbo_valid==0x2)' failed.
> >
> >Craig
> >
> >
> >  
> >
> Why you use net groupmap modify, if the first groupmapping of root 
> group, I must use
> $ net groupmap add sid=S-1-5-21-3186189368-1246494298-1334198317-512 
> ntgroup="Domain Users" unixgroup=root type=domain
> 
> If it don't work, I think you can put a bug in bugzilla.
---
Duh...

thank you so much - you are very sharp. 

;-)

Craig

More information about the samba mailing list