[Samba] groupmember list fails with 3.0.0b3 and LDAP
Brynnen Owen
owen at isrl.uiuc.edu
Wed Jul 30 23:42:21 GMT 2003
Hi all,
I've been working on a PDC with group mapping with Samba-3.0.0Beta3
with OpenLDAP-2.1.22. Things are mostly working, however I don't seem
to be able to retrieve a list of users in a group, nor am I able to
grant ACL's based on group membership. Here's what I did.
1. Created an LDAP posixGroup account
2. net groupmap add rid=512 ntgroup="Domain Admins" unixgroup="domadmin"
The resulting LDIF shows up as follows:
# domadmin, Group, GSLIS
dn: cn=domadmin,ou=Group,dc=GSLIS
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: domadmin
gidNumber: 512
memberUid: admin
sambaSID: S-1-5-21-3469007649-3513637358-4254120478-512
sambaGroupType: 2
displayName: Domain Admins
The output of
net groupmember list "Domain Admins" -U admin
gives error 2220
The output of
net groupmap list
Domain Admins (S-1-5-21-3469007649-3513637358-4254120478-512) -> domadmin
Some Blah Group (S-1-5-21-3469007649-3513637358-4254120478-7676) -> blahgrp
I can log on to a domain member using the admin password, but I'm not
an admin.
Any ideas where to start looking?
--
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
<> Brynnen Owen ( this space for rent )<>
<> owen at uiuc.edu ( )<>
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
More information about the samba
mailing list