[Samba] Samba PDC group list empty

Harry Jede walk2sun at arcor.de
Fri Nov 30 10:16:32 MST 2012 

Am Donnerstag, 29. November 2012 schrieben Sie:
> I still dont understand why ldap search filter generated by samba ( i
> have this from samba log ) cannot find anything in database:
> smbldap_search_paged: base => [dc=gymsnv,dc=sk], filter =>
> [(&(objectclass=sambaGroupMapping)(sambaGroupType=2)(sambaSID=S-1-5-
> 21-2390795950-2727105968-4008069955*))],scope => [2], pagesize =>
> [1024] [2012/11/29 18:15:14.227560,  3]
> lib/smbldap.c:1591(smbldap_search_paged) smbldap_search_paged:
> search was successful
> [2012/11/29 18:15:14.227647,  3]
> rpc_server/srv_pipe_hnd.c:121(free_pipe_context) free_pipe_context:
> destroying talloc pool of size 0
> 
> If I remove sambaSID and try to find it in ldap, I will get all my
> groups. Filter =
> (&(objectclass=sambaGroupMapping)(sambaGroupType=2)(sambaSID=*))
> 
> Is this normal behavior or my ldap configuration can be incorrect?
That's not normal.

What indexes have you set?
# ldapsearch -LLLY external -H ldapi:///  -b cn=config "(objectclass=*)"  olcDBIndex

This are my indexes:
dn: olcDatabase={1}hdb,cn=config
olcDbIndex: objectClass eq
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: loginShell eq
olcDbIndex: uid eq,pres,sub
olcDbIndex: memberUid eq,pres,sub
olcDbIndex: uniqueMember eq,pres
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaGroupType eq
olcDbIndex: sambaSIDList eq
olcDbIndex: sambaDomainName eq
olcDbIndex: displayName eq,sub
olcDbIndex: givenName eq,sub
olcDbIndex: mail eq,sub
olcDbIndex: dhcpHWAddress eq
olcDbIndex: dhcpClassData eq
olcDbIndex: cn eq,pres,sub
olcDbIndex: sn eq,pres,sub
olcDbIndex: ou eq
olcDbIndex: dc eq
olcDbIndex: default sub

And this shows the files:
# cd /var/lib/ldap/
# ls -l *bdb
-rw------- 1 openldap openldap 32768 18. Nov 15:49 cn.bdb
-rw------- 1 openldap openldap  8192  1. Jan 2012  dc.bdb
-rw------- 1 openldap openldap  8192 18. Nov 15:49 dhcpHWAddress.bdb
-rw------- 1 openldap openldap 24576 23. Aug 10:08 displayName.bdb
-rw------- 1 openldap openldap 24576 18. Nov 15:49 dn2id.bdb
-rw------- 1 openldap openldap  8192 23. Aug 10:08 gidNumber.bdb
-rw------- 1 openldap openldap  8192  1. Jun 21:57 givenName.bdb
-rw------- 1 openldap openldap 98304 27. Nov 22:54 id2entry.bdb
-rw------- 1 openldap openldap  8192 23. Aug 10:08 loginShell.bdb
-rw------- 1 openldap openldap  8192  1. Jun 21:57 mail.bdb
-rw------- 1 openldap openldap  8192  1. Jun 2012  memberUid.bdb
-rw------- 1 openldap openldap 16384 27. Nov 22:54 objectClass.bdb
-rw------- 1 openldap openldap  8192  1. Jun 19:57 ou.bdb
-rw------- 1 openldap openldap  8192 23. Aug 08:54 sambaDomainName.bdb
-rw------- 1 openldap openldap  8192 10. Mai 2012  sambaGroupType.bdb
-rw------- 1 openldap openldap  8192 23. Aug 08:54 sambaPrimaryGroupSID.bdb
-rw------- 1 openldap openldap  8192 23. Aug 10:08 sambaSID.bdb
-rw------- 1 openldap openldap  8192 27. Nov 22:54 sambaSIDList.bdb
-rw------- 1 openldap openldap  8192  1. Jun 21:57 sn.bdb
-rw------- 1 openldap openldap  8192 23. Aug 10:08 uid.bdb
-rw------- 1 openldap openldap  8192 23. Aug 10:08 uidNumber.bdb
-rw------- 1 openldap openldap  8192  1. Jan 2012  uniqueMember.bdb
root at capella:/var/lib/ldap# 

-- 

Gruss
	Harry Jede

More information about the samba mailing list