[Samba] gidNumber's and ldap backed samba PDC
Adam Tauno Williams
awilliam at whitemice.org
Tue Mar 24 20:11:04 GMT 2009
On Tue, 2009-03-24 at 13:31 -0500, Derek Werthmuller wrote:
> Ok I see it appears that the ldap entries that samba needs in the directory
> are under a different O. ou=groups,o=smb,dc=unav,dc=es for example.
> dn: cn=Domain Admins,ou=groups,o=smb,dc=unav,dc=es
> objectClass: posixGroup
> objectClass: sambaGroupMapping
> gidNumber: 512
> cn: Domain Admins
> Where my user/file system groups would be under traditional ldap entries
> like:
> dn: cn=usrgrp,ou=Group,dc=ct,dc=unav,dc=es
> objectClass: posixGroup
> objectClass: top
> cn: usrgrp
> userPassword:: e2NyexB0fX9g=
> gidNumber: 512
> creatorsName: cn=Manager, dc=ct,dc=unav,dc=es
> createTimestamp: 20021007160601Z
> modifiersName: cn=Manager,dc=ct,dc=unav,dc=es
> modifyTimestamp: 20081205192619Z
> This right?
I don't understand the question. But perhaps you haven't configured
your scripts (the smbldap stuff?) correctly [this would be my guess] or
you need to manually tweak your group mapping [man net].
You should have ONE object which represents both the POSIX and CIFS
group. You have two and the sambaGroupMapping seems incomplete.
More information about the samba
mailing list