[Samba] Samba/Unix Group Mapping

Douglas Sterner DSterner at arnoldtrans.com
Mon Aug 23 14:33:04 GMT 2004 

Using Samba 3.05 and openldap I have been following the Samba 3 by Example 
(pg 155). Everythings good up to the point when I issue the command "net 
groupmap list" and I get the following error:

[root at chpas-ntwrksvc samba]# net groupmap list
[2004/08/23 10:21:49, 0] passdb/pdb_ldap.c:ldapsam_setsamgrent(2239)
  ldapsam_setsamgrent: LDAP search failed: No such object
[2004/08/23 10:21:49, 0] 
passdb/pdb_ldap.c:ldapsam_enum_group_mapping(2304)
  ldapsam_enum_group_mapping: Unable to open passdb
[root at chpas-ntwrksvc samba]#
After checking users and groups I found none of my Samba groups are be 
created with matching Unix groups  including the default ones from running 
smbldap-populate. Suggestions for getting this working would be 
appreciated.

[global]
        idmap gid = 10000-20000
        socket options = TCP_NODELAY SO_RCVBUF=8192
        server string = PDC
        domain logons = Yes
        browseable = No
        local master = No
        domain master = Yes
        workgroup = Workgroup
        os level = 40
        log file = /var/log/samba/%m.log
        guest account = pcguest
        load printers = yes
        passdb backend = ldapsam:ldap://localhost
        passwd chat = *New*password* %n\n *ReType*new*password:* %n\n 
*new*password: %n\n *updated*successfully*
        passwd program = /usr/local/sbin/smbldap-passwd -o %u
        add group script = /usr/local/sbin/smbldap-groupadd %g
        delete group script = /usr/local/sbin/smbldap-groupdel %g
        add user to group script = /usr/local/sbin/smbdlap-usermod -G %g 
%u
        add user script = /usr/local/sbin/smbldap-useradd -m -d /dev/null 
-g -1000 -s /bin/false
        add machine script = /usr/local/sbin/smbldap-useradd -s /bin/false 
-d /dev/null \-g machines %u
        delete user script = /usr/local/sbin/smbldap-userdel -r %u
        username map = /etc/samba/smbusers
        map to guest = Bad User
        ldap port = 389
        ldap machine suffix = ou=Computers
        ldap group suffix = ou=Group
        ldap user suffix = ou=Users
        ldap suffix = dc=domain,dc=lcl
        ldap ssl = no
        ldap passwd sync = Yes
        ldap admin dn = cn=Manager,dc=domain,dc=lcl
        idmap backend = ldap:ldap://localhost
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        map acl inherit = Yes


Thanks
Douglas Sterner

More information about the samba mailing list