Réf. : [Samba] groupmember list fails with 3.0. 0b3and LDAP

Ganael LAPLANCHE ganael.laplanche at edfgdf.fr
Thu Jul 31 10:55:40 GMT 2003


Same problem for me, any clue ?


owen at isrl.uiuc.edu@lists.samba.org on 07/31/2003 01:42:21 AM

Envoyé par :      samba-bounces+ganael.laplanche=edf.fr at lists.samba.org

Pour : samba at lists.samba.org
cc :
Objet :     [Samba] groupmember list fails with 3.0.0b3 and LDAP

Hi all,

  I've been working on a PDC with group mapping with Samba-3.0.0Beta3
with OpenLDAP-2.1.22.  Things are mostly working, however I don't seem
to be able to retrieve a list of users in a group, nor am I able to
grant ACL's based on group membership.  Here's what I did.

1.  Created an LDAP posixGroup account
2.  net groupmap add rid=512 ntgroup="Domain Admins" unixgroup="domadmin"

The resulting LDIF shows up as follows:

# domadmin, Group, GSLIS
dn: cn=domadmin,ou=Group,dc=GSLIS
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: domadmin
gidNumber: 512
memberUid: admin
sambaSID: S-1-5-21-3469007649-3513637358-4254120478-512
sambaGroupType: 2
displayName: Domain Admins

The output of
  net groupmember list "Domain Admins" -U admin
gives error 2220

The output of
  net groupmap list

Domain Admins (S-1-5-21-3469007649-3513637358-4254120478-512) ->  domadmin
Some Blah Group (S-1-5-21-3469007649-3513637358-4254120478-7676) ->

I can log on to a domain member using the admin password, but I'm not
an admin.

Any ideas where to start looking?

<>  Brynnen Owen            (     this space for rent
<>  owen at uiuc.edu           (

To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list