[Samba] Samba3+LDAP: Can't join domain.

davidszanto davidszanto at grupo-iberica.com
Mon Jul 4 17:51:55 GMT 2005 

El Lunes, 4 de Julio de 2005 18:33, escribió:
> Hi Fabio!
> Thanks for the quick response!!
>
> El Lunes, 4 de Julio de 2005 17:12, escribió:
> > Hi!
> > I manage a PDC with the same configuration.
> > I suggest you to check SID in LDAP  directory and smbldap configuration.
> >
> > "net groupmap list" shows errors?
>
> I've tried it again, just to make sure, and it doesn't show any errors...
> except that last time I so such a configuration samba groups maped
> correctly to their posix group name, and now I only get gidNumbers??  I've
> double checked my nsswitch.conf and libnss-ldap.conf files and I can't see
> what's wrong:
>
> -- begin --------------------
>
> # net groupmap list
> Gerencia (S-1-5-21-1243414039-471885888-144306045-21015) -> 10007
> Ventas y Comerciales (S-1-5-21-1243414039-471885888-144306045-21025) ->
> 10012 Contabilidad (S-1-5-21-1243414039-471885888-144306045-5007) -> 10005
> Recambios (S-1-5-21-1243414039-471885888-144306045-21021) -> 10010 Chapa y
> Pintura (S-1-5-21-1243414039-471885888-144306045-21009) -> 10004
> Administracion (S-1-5-21-2139989288-483860436-2398042574-21003) -> 10001
> Imperial de AutomBritFujiyama Motor
> (S-1-5-21-1243414039-471885888-144306045-21013) -> 10006
> Vook Rent a Car (S-1-5-21-1243414039-471885888-144306045-21027) -> 10013
> British Car (S-1-5-21-2139989288-483860436-2398042574-21007) -> 10003
> Talleres y Mecanicos (S-1-5-21-1243414039-471885888-144306045-21023) ->
> 10011 Todos (S-1-5-21-2139989288-483860436-2398042574-21029) -> 10014
> London Taxi Company (S-1-5-21-1243414039-471885888-144306045-21019) ->
> 10009 Informatica (S-1-5-21-2139989288-483860436-2398042574-21031) -> 10015
> Domain Admins (S-1-5-21-2139989288-483860436-2398042574-512) -> 512 Domain
> Users (S-1-5-21-2139989288-483860436-2398042574-513) -> 513 Domain Guests
> (S-1-5-21-2139989288-483860436-2398042574-514) -> 514 Domain Computers
> (S-1-5-21-2139989288-483860436-2398042574-515) -> 515 Administrators
> (S-1-5-32-544) -> 544
> Account Operators (S-1-5-32-548) -> 548
> Print Operators (S-1-5-32-550) -> 550
> Backup Operators (S-1-5-32-551) -> 551
> Replicators (S-1-5-32-552) -> 552
>
> -- end ------------------------
>
> -- nsswitch.conf -------------------------
> passwd:         files ldap
> group:          files ldap
> shadow:         files ldap
> ...
> -- end ------------------------------
>
> -- libnss-ldap.conf -------------------
> base dc=gicomm,dc=iberica,dc=esp
> uri ldap://127.0.0.1/
> ldap_version 3
> rootbinddn cn=admin,dc=gicomm,dc=iberica,dc=esp
> scope sub
> -- end ------------------------------
>
> The SID I get from "net getlocalsid" is:
>
> SID for domain GICOMM is: S-1-5-21-2139989288-483860436-2398042574
>
>
> And I've compared it to the entries in my LDAP directory and they seem
> correct.
>
> Examples:
>
> User XXX has :
> sambaPrimaryGroupSID: S-1-5-21-2139989288-483860436-2398042574-513
> sambaSID: S-1-5-21-2139989288-483860436-2398042574-3204
>
> Any ideas?
>
> THANX a LOT!!!
> David

More information about the samba mailing list