Vedr. Re: Samba 4 ADUC add group in "member of" does not work
Harry Chinatzki
harrychinatzki at yahoo.no
Sun Dec 9 16:47:30 GMT 2007
>
> On Sat, 2007-12-08 at 12:10 +0100, Harry Chinatzki
> wrote:
> > When i try to add a group ( i choose "domain
> admins") to a user (i choose "administrator") all
> works fine until I push the OK button. Then I get:
> >
> > "The following active directory error has occured:
> The data is invalid"
> >
> > in the log of samba4 it just say:
> >
> > ldb: objectguid_add_record
> >
> > I'm using samba4 svn-download from 7. des2007 as
> domain controller ann
> > a windows 2003 server as memberserver and client
> from which I user
> > ADUC. Everything else is default.
> >
> > Why does add group not work ?
>
> Have you done a provision with that code, or is this
> a setup from
> earlier?
I provision with fresh code.
>
> This is meant to all work, and worked when I last
> tested it, so we need
> to chase it down some more...
>
I can see now that the group actually is added, but
all groups except primary-group is invisibel from
ADUC-memberof. I only get the "invalid data" error
when I try to add an additional group a second time
(because I don't see it in ADUC-memberof).
The additional groups works fine for me at the
file-security-level.
In adsiedit.msc I can see that the additional group is
added to memberOf-attribute, but there is no
tokenGroup-attribute.
Maybe the aditional groups are invisible in ADUC
because the tokenGroup attribute is missing from the
user -ldapentry. I've read that some apps use the
tokenGroup-attribute to enumerate user-groups.
mvh
Harry
_________________________________________________________
Alt i ett. Få Yahoo! Mail med adressekartotek, kalender og
notisblokk. http://no.mail.yahoo.com
More information about the samba-technical
mailing list