[Samba] Re: LDAP: strange "net groupmap" behaviour
Igor Belyi
sambauser at katehok.ac93.org
Mon Oct 25 15:26:34 GMT 2004
Ilia Chipitsine wrote:
> Dear Sirs,
>
> I did the following command (against ldapsam backend):
>
> net groupmap add rid=3002 unixgroup=wheel type=local ntgroup=Marketoids
> comment=Mm -d 10
>
> I just wanted to add new group. But instead of that I saw many-many-many
> records:
>
> lib/smbldap.c:smbldap_search(963)
> passdb/pdb_ldap.c:ldapsam_getgroup(2008)
>
> they all wanted to find group with gidNumber=4294967295, yes, sure,
> there's no such group. I didn't mean to find that group, I just meant to
> add new one. What's wrong ?
'net groupmap' is used to map a Domain group SID to an existing UNIX group.
If you want to create UNIX group in LDAP you may want to use smbldap
tools: /usr/local/sbin/smbldap-groupadd.pl <group name>
To add a group and a mapping use '-a' option with smbldap-groupadd.pl
script.
To add groups and a mapping via 'net group add' command or with
usrmgr.exe Windows utility, add the following line to your smb.conf:
add group script = /usr/local/sbin/smbldap-groupadd.pl -p "%g"
Please, read Samba docs.
Hope it helps,
Igor
More information about the samba
mailing list