[Samba] Re: Supplementary Group Issues
Dmitry Monakhov
monakhv at ot.ru
Wed Feb 25 07:11:22 GMT 2004
Fenal, Jérôme wrote:
>>Test user login name is ssi
>>
>>The output of id -a ssi command is
>>
>>uid=225(ssi) gid=1(other) groups=112(support),1000(users)
>>
>>Nevertheless samba has found only 1 group (gid=1)
>
>
> Ok, I don't see anything beside the following :
>
> Define the right suffixes and ous (should be People&Group in Solaris 9) :
> ldap suffix = o=ot.ru,o=ot
> ldap user suffix = ou=People
> ldap group suffix = ou=Group
>
> Try to remove :
> ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
> to get the default : (uid=%u)
I've tested the settings above without any success.
> Also double check that the SID for your groups are derived from the domain's
> one
I'm not sure I understand you right. I'm using the simplest
configuration without domain but workgroup only with the only server -
master browser. Just for the case I've mapped all group with type 2
(domane group)
> Last thing, I remember having seen some problems with Solaris 9 nss_ldap
> client due to Sun patches on the list this or last month. The bug seems to
> be from Sun's fault.
> See :
Ok. I knew it. So, I'm using nss_ldap-211 from padl.com and it is
definitely working good within Unix framework (id -a, ls -l... show
right information). However according to the LDAP SERVER log file samba
even do not request for supplementary groups. By the way samba log file
level 10 I sent you also do not show any requests to LDAP for
supplementary groups.
> http://marc.theaimsgroup.com/?l=samba&m=107636136823095&w=2
> and bug 395 (https://bugzilla.samba.org/show_bug.cgi?id=395).
> Please test the program in comment #19 and report.
>
> Regards,
>
> J.
>
>
>
> This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
--
Dmitry Monakhov System Administrator
Open Technologies, tel: +7(095)787-7027
e-mail: monakhv at ot.ru, http://www.ot.ru/
More information about the samba
mailing list