[Samba] Openldap samba 3.0.5 net group add does not work

Matt Hoyt mrhoyt3 at hotmail.com
Sat Jul 31 06:06:45 GMT 2004


When I run net add groupmap rid=512 ntgroup="Domain Admins" UNIXgroup="ntadmins" I get this error:
adding entry for group Domain Admins failed!

The error isn't very specific and the log doesn't show any error.  I looked in 
the log (log level -1 in slapd.conf) and I can tell it is able to search.  I 
can post the syslog if you need it. I think there is an error in my 
smb.conf.  Here is the global configuration:

[global]
workgroup = WORKGROUP
netbios name = backup
#username map = /etc/samba/smbusers
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/useradd -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupadd %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g machines %u
preferred master = yes
domain master = yes
local master = yes
security = users
domain logons = yes
os level = 35
logon path = \\%L\profiles\%u
logon drive = H:
logon home = \\%L\%u\winprofile
logon script = /etc/samba/logon/scripts
#idmap backend = ldapsam:ldap://localhost
ldap suffix = dc=sovereign
ldap admin dn = "cn=Manager,ou=People,dc=sovereign"
ldap ssl = no
passdb backend = ldapsam:ldap://localhost
ldap delete dn = no
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
winbind separator = +
winbind enum users = yes
template homedir = /home/winnt/%D/%U
template shell = /bin/bash
idmap uid = 10000-20000
idmap gid = 10000-20000

Here is the ldap-init.ldif:
# Samba openldap configuration file
# -------------------------------------------
# Organization for Samba Base
dn: dc=sovereign
objectclass: dcObject
objectclass: organization
dc: sovereign
o: sovereign network test
description: ldap configuration

# Organizational Role for Directory Management
dn: cn=Manager,dc=sovereign
objectclass: organizationalRole
cn: Manager
description: Manager

# Setting up container for users
dn: ou=People,dc=sovereign
objectclass: top
objectclass: organizationalUnit
ou: People

# Setting up admin handle for people
dn: cn=admin,ou=People,dc=sovereign
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: *********************************

# Setting up container for groups
dn: ou=Groups,dc=sovereign
objectclass: top
objectclass: organizationalUnit
ou: Groups

# Setting up admin for Groups ou
dn: cn=admin,ou=Groups,dc=sovereign
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: *********************************

# Setting up container for computers
dn: ou=Computers,dc=sovereign
objectclass: top
objectclass: organizationalUnit
ou: Computers

# Setting up admin handle for Computers OU
dn: cn=admin,ou=Computers,dc=sovereign
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: ***********************************

# Setting up container for idmap
dn: ou=Idmap,dc=sovereign
objectclass: top
objectclass: organizationalUnit
ou: Idmap

# Setting up admin for Idmap ou
dn: cn=admin,ou=Idmap,dc=sovereign
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: **********************************

Gentoo box running kernel 2.6.7

I am able to add users and machine accounts.  If I use tdbsam net groupmap 
works.

Matt Hoyt
