[Samba] Samba and LDAP, problem with variables %u and %g

Paul Taka takaanna at hotmail.com
Mon Apr 18 14:21:43 GMT 2005 

Hi samba list,

I'm using samba 3(.0.13) with OpenLDAP and I have a strange problem:
the variables %U and %G don't seem to be replaced by their values.

I get nothing in my logs, so I don't know where is the problem...

In fact, in my smb.conf, I have something like:
    logon home =
    logon path = \\server\profiles\prof.%G
    logon drive = h:

The profiles are loaded if I use logon path = \\server\profiles\prof.group
but not if I use prof.%G... Windows 2000 says "unable to create
\\server\profiles\prof.pds" and loads a local profile.

What is strange is that pdbedit replaces %G with the right groupname.
I don't use smbldap-tools, is it the problem?

But if I use an include = /etc/samba/prof.%G (or %g, %U, %u), samba is
unable to load it too, because it's looking for a file named "prof."

%v and %m are correctly changed.
Below, some outputs.

I'm stuck since 5 days... if someone could help me...
Thank you very much.

Paul.



Some outputs:
(groupsID < 100 are defined in /etc/group, others are on LDAP)
(nobody is an /etc/passwd and /etc/group account)

# id su
uid=0(su) gid=0(root) groups=0(root),512(ntadmins)

# id paul
uid=201(paul) gid=200(admin) groups=200(admin)

# id mdho
uid=11102(mdho) gid=11100(gte1g1) groups=11100(gte1g1),11000(gte1)

# id nobody
uid=65534(nobody) gid=65533(nobody) 
groups=65533(nobody),65534(nogroup),514(ntguests)


# net groupmap list
admin (S-1-5-21-2786447882-2507109976-1218456950-200) -> admin
gte1g1 (S-1-5-21-2786447882-2507109976-1218456950-11000) -> gte1g1
gte1 (S-1-5-21-2786447882-2507109976-1218456950-10000) -> gte1
Domain Admins (S-1-5-21-2786447882-2507109976-1218456950-512) -> ntadmins
Domain Users (S-1-5-21-2786447882-2507109976-1218456950-513) -> ntusers
Domain Guests (S-1-5-21-2786447882-2507109976-1218456950-514) -> ntguests


# pdbedit -Lv
---------------
Unix username:        paul
NT username:          paul
Account Flags:        [U          ]
User SID:             S-1-5-21-2786447882-2507109976-1218456950-1402
Primary Group SID:    S-1-5-21-2786447882-2507109976-1218456950-1401
Full Name:            PAUL A
Home Directory:
HomeDir Drive:        h:
Logon Script:
Profile Path:         \\server\profiles\prof.admin
Domain:               DOMAIN
Account desc:         -
Workstations:
Munged dial:
Logon time:           0
Logoff time:          Fri, 13 Dec 1901 21:45:51 GMT
Kickoff time:         Fri, 13 Dec 1901 21:45:51 GMT
Password last set:    Fri, 15 Apr 2005 19:36:33 GMT
Password can change:  Fri, 15 Apr 2005 19:36:33 GMT
Password must change: Fri, 13 Dec 1901 21:45:51 GMT
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
---------------
Unix username:        su
NT username:          su
Account Flags:        [U          ]
User SID:             S-1-5-21-2786447882-2507109976-1218456950-1000
Primary Group SID:    S-1-5-21-2786447882-2507109976-1218456950-1001
Full Name:            SuperUser
Home Directory:
HomeDir Drive:        h:
Logon Script:
Profile Path:         \\server\profiles\prof.root
Domain:               DOMAIN
Account desc:         Compte pour joindre le domaine Samba
Workstations:
Munged dial:
Logon time:           0
Logoff time:          Fri, 13 Dec 1901 21:45:51 GMT
Kickoff time:         Fri, 13 Dec 1901 21:45:51 GMT
Password last set:    Fri, 15 Apr 2005 19:37:07 GMT
Password can change:  Fri, 15 Apr 2005 19:37:07 GMT
Password must change: Fri, 13 Dec 1901 21:45:51 GMT
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
---------------
Unix username:        win2000$
NT username:          win2000$
Account Flags:        [W          ]
User SID:             S-1-5-21-2786447882-2507109976-1218456950-121004
Primary Group SID:    S-1-5-21-2786447882-2507109976-1218456950-121001
Full Name:            WIN2000$
Home Directory:
HomeDir Drive:        h:
Logon Script:
Profile Path:         \\server\profiles\prof.%G
Domain:               DOMAIN
Account desc:
Workstations:
Munged dial:
Logon time:           0
Logoff time:          Fri, 13 Dec 1901 21:45:51 GMT
Kickoff time:         Fri, 13 Dec 1901 21:45:51 GMT
Password last set:    Fri, 15 Apr 2005 19:38:32 GMT
Password can change:  Fri, 15 Apr 2005 19:38:32 GMT
Password must change: Fri, 13 Dec 1901 21:45:51 GMT
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
---------------
Unix username:        mdo
NT username:          mdo
Account Flags:        [U          ]
User SID:             S-1-5-21-2786447882-2507109976-1218456950-23204
Primary Group SID:    S-1-5-21-2786447882-2507109976-1218456950-11100
Full Name:            DO mat
Home Directory:
HomeDir Drive:        h:
Logon Script:
Profile Path:         \\server\profiles\prof.gte1g1
Domain:               DOMAIN
Account desc:         -
Workstations:
Munged dial:
Logon time:           0
Logoff time:          Fri, 13 Dec 1901 21:45:51 GMT
Kickoff time:         Fri, 13 Dec 1901 21:45:51 GMT
Password last set:    Sat, 16 Apr 2005 10:14:02 GMT
Password can change:  Sat, 16 Apr 2005 10:14:02 GMT
Password must change: Fri, 13 Dec 1901 21:45:51 GMT
Last bad password   : 0
Bad password count  : 0
Logon hours         : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

More information about the samba mailing list