[Samba] Group SID problems?
John H Terpstra
jht at Samba.Org
Tue May 17 18:33:57 GMT 2005
On Tuesday 17 May 2005 12:11, jonlists wrote:
> Now that I look at this further, I notice that the "Domain Users", "Domain
> Admins", etc are not assigned..... mapped.
>
> Unfortunately, trying to assign them using the net groupmap modify results
> in a complaint the first time that the group "Domain Admins" doesn't exist
> in mapping DB (which it doesn't because it's LDAP, although you can't add
> it due to spaces).
> net groupmap add "Domain Users" unixgroup=users complains that "group 1002
> already exists in LDAP
>
> So the key here is how I add "Domain users" to OpenLDAP, then map that
> group to unixgroup users. ....... correct?
Correct. How are you handling the interface scripts? What do you have for "add
user script" etc.?
- John T.
>
> Jon Johnston
> Creative Business Solutions
> IBM, Microsoft, Novell/Suse, Sophos Consultants
> http://www.cbsol.com
> blog:http://bingo.cbsol.com
>
> samba-bounces+jonlists=cbsol.com at lists.samba.org wrote on 05/17/2005
>
> 11:32:39 AM:
> > Have a site where the network users are connecting to most shares
>
> through
>
> > group usage. Unfortunately, access to Samba is sporadic. Sometimes they
> > connect okay, sometimes they can't connect at all.
> >
> > Looking at their system config, I notice that the SID's for the groups
> > look..... odd. The users group ends in 3005.... but each user's
> > PrimaryGroupSID is a group with a SID that ends in 1201, and there is no
> >
> > group that I can find with this SID. This site uses a LDAP backend.
> >
> > The question is - what specifically should I look for in the logs to
> > verify that incorrect "mapping" of group SID's would cause the issue
>
> with
>
> > sporadic connectivity? (there doesn't seem to be any issue of network
> > connectivity).
> >
> > Thanks for any insight, ideas.......
> >
> > Jon Johnston
> > Creative Business Solutions
> > IBM, Microsoft, Novell/Suse, Sophos Consultants
> > http://www.cbsol.com
> > blog:http://bingo.cbsol.com
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/listinfo/samba
--
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668
Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
More information about the samba
mailing list