adding entry for group Domain Admins failed!
Gabriele Verzeletti
gabriele at verzeletti.org
Wed Oct 27 12:31:44 GMT 2004
Hi all
I try to setup samba+ldap PDC
My config:
Fedora core 2
samba-3.0.7-2.FC2
openldap-2.2.17
smbldap-tools-0.8.5-1.1
[slapd.conf]
include /usr/local/openldap/etc/openldap/schema/core.schema
include /usr/local/openldap/etc/openldap/schema/cosine.schema
include /usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include /usr/local/openldap/etc/openldap/schema/nis.schema
include /usr/local/openldap/etc/openldap/schema/samba.schema
# Allow LDAPv2 client connections. This is NOT the default.
allow bind_v2
pidfile /usr/local/openldap/var/run/slapd.pid
argsfile /usr/local/openldap/var/run/slapd.args
database bdb
suffix "dc=samba,dc=lan"
rootdn "cn=Manager,dc=samba,dc=lan"
rootpw {SSHA}2EqXU0QdxPlGu0FZCPbAhf/3jvaJfIVB
directory /usr/local/openldap/var/openldap-data
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index memberUid eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub
[smb.conf]
[global]
workgroup = SAMBA.LAN
netbios name = SAMBASRV
passdb backend = ldapsam:ldap://localhost
username map = /etc/samba/smbusers
printcap name = cups
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel %u
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%g' '%u'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%g' '%u'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/sbin/smbldap-useradd -w '%u'
logon script = scripts\logon.bat
logon path = \\%L\Profiles\%U
logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
ldap suffix = dc=samba,dc=lan
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=People
ldap idmap suffix = ou=People
ldap admin dn = cn=Manager, dc=samba, dc=lan
ldap ssl = no
ldap passwd sync = Yes
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind separator = +
printing = cups
log file = /var/log/samba/log.%m
log level = 1
security = user
template shell = /bin/false
winbind use default domain = no
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
# Printing auto-share (makes printers available thru CUPS)
[printers]
comment = All Printers
path = /var/spool/samba
printer admin = root
create mask = 0600
guest ok = Yes
printable = Yes
browseable = No
[print$]
comment = Printer Drivers Share
path = /var/lib/samba/drivers
write list = root
printer admin = maryo, root
# Needed to support domain logons
[netlogon]
comment = Network Logon Service
path = /home/netlogon
admin users = root
guest ok = Yes
browseable = No
[Profiles]
comment = Roaming Profile Share
path = /home/profiles
read only = No
profile acls = Yes
Whe i try to assign unix group to NT groups:
"net groupmap list"
result nothing
"net groupmap add ntgroup="Domain Admins" unixgroup=root rid=512"
The system say:
"adding entry for group Domain Admins failed!"
Here's ldap.log
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_search
Oct 27 13:36:31 SambaSrv slapd[32461]:
bdb_dn2entry("ou=people,dc=samba,dc=lan")
Oct 27 13:36:31 SambaSrv slapd[32461]: search_candidates:
base="ou=people,dc=samba,dc=lan" (0x00000003) scope=2
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_dn2idl(
"ou=people,dc=samba,dc=lan" )
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key:
@ou=people,dc=samba,dc=lan
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_dn2idl: id=3 first=3 last=9
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates
(objectClass)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [b49d1940]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read: failed (-30990)
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=0,
first=0, last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates
(objectClass)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [fd83b1e1]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read 6 candidates
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=6,
first=10, last=15
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates
(objectClass)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [62aec1bc]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read: failed (-30990)
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=0,
first=0, last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates
(gidNumber)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [4e19954c]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read: failed (-30990)
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=0,
first=0, last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_search_candidates: id=0
first=3 last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_search: no candidates
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_result: conn=31 op=39 p=3
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_result: err=0
matched="" text=""
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_response: msgid=40
tag=101 err=0
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_get(10)
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_get(10): got connid=31
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_read(10): checking for
input on id=31
Oct 27 13:36:31 SambaSrv slapd[32461]: ber_get_next on fd 10 failed
errno=11 (Resource temporarily unavailable)
Oct 27 13:36:31 SambaSrv slapd[32461]: do_search
Oct 27 13:36:31 SambaSrv slapd[32461]: >>> dnPrettyNormal:
<ou=People,dc=samba,dc=lan>
Oct 27 13:36:31 SambaSrv slapd[32461]: <<< dnPrettyNormal:
<ou=People,dc=samba,dc=lan>, <ou=people,dc=samba,dc=lan>
Oct 27 13:36:31 SambaSrv slapd[32461]: SRCH "ou=People,dc=samba,dc=lan" 2 0
Oct 27 13:36:31 SambaSrv slapd[32461]: 0 0 0
Oct 27 13:36:31 SambaSrv slapd[32461]: filter:
(&(objectClass=sambaIdmapEntry)(gidNumber=0))
Oct 27 13:36:31 SambaSrv slapd[32461]: attrs:
Oct 27 13:36:31 SambaSrv slapd[32461]: sambaSID
Oct 27 13:36:31 SambaSrv slapd[32461]: uidNumber
Oct 27 13:36:31 SambaSrv slapd[32461]: gidNumber
Oct 27 13:36:31 SambaSrv slapd[32461]: objectClass
Oct 27 13:36:31 SambaSrv slapd[32461]:
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_search
Oct 27 13:36:31 SambaSrv slapd[32461]:
bdb_dn2entry("ou=people,dc=samba,dc=lan")
Oct 27 13:36:31 SambaSrv slapd[32461]: search_candidates:
base="ou=people,dc=samba,dc=lan" (0x00000003) scope=2
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_dn2idl(
"ou=people,dc=samba,dc=lan" )
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key:
@ou=people,dc=samba,dc=lan
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_dn2idl: id=3 first=3 last=9
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates
(objectClass)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [b49d1940]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read: failed (-30990)
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=0,
first=0, last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: => bdb_equality_candidates
(objectClass)
Oct 27 13:36:31 SambaSrv slapd[32461]: => key_read
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_idl_fetch_key: [62aec1bc]
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_index_read: failed (-30990)
Oct 27 13:36:31 SambaSrv slapd[32461]: <= bdb_equality_candidates: id=0,
first=0, last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_search_candidates: id=0
first=3 last=0
Oct 27 13:36:31 SambaSrv slapd[32461]: bdb_search: no candidates
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_result: conn=31 op=40 p=3
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_result: err=0
matched="" text=""
Oct 27 13:36:31 SambaSrv slapd[32461]: send_ldap_response: msgid=41
tag=101 err=0
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_get(10)
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_get(10): got connid=31
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_read(10): checking for
input on id=31
Oct 27 13:36:31 SambaSrv slapd[32461]: ber_get_next on fd 10 failed
errno=0 (Success)
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_read(10): input
error=-2 id=31, closing.
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_closing: readying
conn=31 sd=10 for close
Oct 27 13:36:31 SambaSrv slapd[32461]: connection_close: conn=31 sd=10
Oct 27 13:36:31 SambaSrv slapd[32461]: ber_get_next on fd 10 failed
errno=11 (Resource temporarily unavailable) <---- What's mean ??
Thx all for support !!!
More information about the samba-technical
mailing list