[Samba] 3.0.0 -> 3.0.1 : group_mapping.tdb perms

Pierre Dinh-van pierre at tuxfamily.org
Mon Dec 29 17:25:26 GMT 2003 

Hello,

I'm running Samba 3.0.0 on a PDC server with LDAP.  
I tested the latest version (3.0.1) on a test server with the same
config files.

But I get the following message in my logs if
/var/lib/samba/group_mapping.tdb 's mode is set to 600 (like it is set
in my 3.0.0 server).

[2003/12/29 17:59:51, 0] groupdb/mapping.c:init_group_mapping(139)
  Failed to open group mapping database
[2003/12/29 17:59:51, 0] groupdb/mapping.c:get_group_from_gid(655)
  failed to initialize group mappingFailed to open group mapping database
[2003/12/29 17:59:51, 0] groupdb/mapping.c:get_group_from_gid(655)
  failed to initialize group mappingFailed to open group mapping database
[2003/12/29 17:59:51, 0] groupdb/mapping.c:get_group_from_gid(655)
  failed to initialize group mappingFailed to open group mapping database
[2003/12/29 17:59:51, 0] groupdb/mapping.c:get_group_from_gid(655)
  failed to initialize group mappingget_alias_user_groups: gid of user
  p-dinhvan doesn't exist. Check your /etc/passwd and /etc/group files 

To avoid this messages, I need to chmod 666 the file. Doesn't seem to be
normal, is it ?

When I chmod  666 the group_mapping.tdb, I get another strange message
in my logs (log level = 10) : 


[2003/12/29 18:08:59, 1] lib/smbldap.c:smbldap_retry_open(890)
  Connection to LDAP Server failed for the 1 try!
[2003/12/29 18:08:59, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1649)
  ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
  (Insufficient access) 
  ldapsam_search_one_group: Query was:
  ou=groups,dc=linux,dc=strg,dc=arte,
  (&(objectClass=sambaGroupMapping)(gidNumber=4294967295)) 
[2003/12/29 18:08:59, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1636)
  ldapsam_search_one_group: searching
  for:[(&(objectClass=posixGroup)(gidNumber=4294967295))] 
[2003/12/29 18:08:59, 0] lib/smbldap.c:smbldap_open(801)
  smbldap_open: cannot access LDAP when not root..


The gidNumber seems ... big... the last user manipulated by samba is
p-dinhvan, who has :
gidNumber: 100 
sambaSID: S-1-5-21-2533171995-41200505-3792937173-4156
uidNumber: 1578
sambaPrimaryGrouSID: S-1-5-21-2533171995-41200505-3792937173-513

This message doesn't seem to make problems for the user's logon. 

I found nothing answering to this problem in the lists archives...


Thank you


PS : sorry for my poor english

-- 
Pierre Dinh-van

More information about the samba mailing list