[Samba] Re: Supplementary Group Issues

Dmitry Monakhov monakhv at ot.ru
Wed Feb 25 07:11:22 GMT 2004 


Fenal, Jérôme wrote:

>>Test user login name is ssi
>>
>>The output of id -a ssi command is
>>
>>uid=225(ssi) gid=1(other) groups=112(support),1000(users)
>>
>>Nevertheless samba has found only 1 group (gid=1)
> 
> 
> Ok, I don't see anything beside the following :
> 
> Define the right suffixes and ous (should be People&Group in Solaris 9) :
>   ldap suffix = o=ot.ru,o=ot
>   ldap user suffix = ou=People
>   ldap group suffix = ou=Group
> 
> Try to remove :
>   ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
> to get the default  : (uid=%u)

I've tested the settings above without any success.


> Also double check that the SID for your groups are derived from the domain's
> one

I'm not sure I understand you right. I'm using the simplest 
configuration without domain but workgroup only with the only server - 
master browser. Just for the case I've mapped all group with type 2 
(domane group)


> Last thing, I remember having seen some problems with Solaris 9 nss_ldap
> client due to Sun patches on the list this or last month. The bug seems to
> be from Sun's fault. 
> See :

Ok. I knew it. So, I'm using nss_ldap-211 from padl.com and it is 
definitely working good within Unix framework (id -a, ls -l...  show 
right information). However according to the LDAP SERVER log file samba 
even do not request for supplementary groups. By the way samba log file 
level 10 I sent you also do not show any requests to LDAP for 
supplementary groups.




> http://marc.theaimsgroup.com/?l=samba&m=107636136823095&w=2
> and bug 395 (https://bugzilla.samba.org/show_bug.cgi?id=395).
> Please test the program in comment #19 and report.
> 
> Regards,
> 
> J.
> 
> 
> 
> This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.

-- 
Dmitry Monakhov System Administrator
Open Technologies, tel: +7(095)787-7027
e-mail: monakhv at ot.ru, http://www.ot.ru/

More information about the samba mailing list