[Samba] Re: Samba 3.0alpha24 / OpenLDAP / support for groups broken?
Tang
tang at inesc-macau.org.mo
Tue May 27 09:57:46 GMT 2003
Make sure you have the posixGroup on LDAP.
And in smb.conf, put
passdb backend = ldapsam guest
Then try as follows:
# net groupmap add rid=1000 unixgroup=domstaff type=domain ntgroup="Staff"
Regards,
tang.
Alex Meier wrote:
> Hello!
>
> we are trying to get Samba 3.0a24 to work with OpenLDAP. After creating
> the guest - user manually in the LDAP directory, everything seemed to
> work fine. However we cannot create any group. The "net group map"
> command runs without any error message, and states:
>
> blue# ./net groupmap add rid=999 unixgroup=syadm
> Successully added group syadm to the mapping db
>
> Unfortunately the group was *NOT* created as "./net groupmap list" reveals:
>
> blue# ./net groupmap list
> blue#
>
> When running Samba without LDAP support "./net groupmap list" shows the
> build-in groups:
>
> blue# ./net groupmap list
> System Operators (S-1-5-32-549) -> -1
> Replicators (S-1-5-32-552) -> -1
> Guests (S-1-5-32-546) -> -1
> Domain Admins (S-1-5-21-3844847972-810955303-936295742-512) -> -1
> Domain Users (S-1-5-21-3844847972-810955303-936295742-513) -> -1
> Power Users (S-1-5-32-547) -> -1
> Print Operators (S-1-5-32-550) -> -1
> Administrators (S-1-5-32-544) -> -1
> Domain Guests (S-1-5-21-3844847972-810955303-936295742-514) -> -1
> Account Operators (S-1-5-32-548) -> -1
> Backup Operators (S-1-5-32-551) -> -1
> Users (S-1-5-32-545) -> -1
>
> Shouldn't "./net groupmap list" show these groups with LDAP as well? Do
> we have to create these groups manually? How? Logs from the LDAP server
> show that Samba is desperately looking for a group with gid=-1. Manually
> creating a Samba groups in the LDAP directory does *not* improve the
> situtation.
>
> Can anyone help, please?
>
> Best regards,
> Alex Meier
>
>
More information about the samba
mailing list