Welcome to Soft32 Linux Forums!
FAQFAQ    SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

[Samba] problems with group mappings with ldap

  
   Soft32 Home -> Linux -> Samba RSS
Next:  [Samba] problems with samba 2.2.7 installed on Tr..  
Author Message
John H.

External


Since: Jan 07, 2004
Posts: 13



(Msg. 1) Posted: Mon Jan 26, 2004 7:50 pm
Post subject: [Samba] problems with group mappings with ldap
Archived from groups: linux>samba (more info?)
the weirdness continues

net groupmap modify ntgroup="Domain Admins" unixgroup="ntadmin"
NT Group Domain Admins doesn't exist in mapping DB




--- On Mon 01/26, John H. < mrmailer DeleteThis @myway.com > wrote:
From: John H. [mailto: mrmailer DeleteThis @myway.com]
To: samba DeleteThis @lists.samba.org
Date: Mon, 26 Jan 2004 17:40:49 -0500 (EST)
Subject: Re: [Samba] net: ../../../libraries/liblber/decode.c:644: ber_scanf: Assertion `((ber)->ber_opts.lbo_valid==0x2)' failed.

<br>i thought i had, but apparently not, so i did that and this is what i have now(as you can see, there are two entries)<br><br><br>net groupmap list -s /etc/samba/smb.ldap<br>Domain Admins (S-1-5-21-4070452498-3149834983-2923667569-512) -> 512<br>Domain Guests (S-1-5-21-4070452498-3149834983-2923667569-514) -> 514<br>Administrators (S-1-5-21-4070452498-3149834983-2923667569-544) -> 544<br>Guests (S-1-5-21-4070452498-3149834983-2923667569-546) -> 546<br>Power Users (S-1-5-21-4070452498-3149834983-2923667569-547) -> 547<br>Account Operators (S-1-5-21-4070452498-3149834983-2923667569-548) -> 548<br>Server Operators (S-1-5-21-4070452498-3149834983-2923667569-549) -> 549<br>Print Operators (S-1-5-21-4070452498-3149834983-2923667569-550) -> 550<br>Backup Operators (S-1-5-21-4070452498-3149834983-2923667569-551) -> 551<br>Replicator (S-1-5-21-4070452498-3149834983-2923667569-552) -> 552<br>Domain Computers (S-1-5-21-4070452498-3149834983-2923667569-553) -> 553<br>Domain Admins (S-
1-5-21-4070452498-3149834983-2923667569-512) -> ntadmin<br><br><br>is that ok?<br><br>I wanted to add Domain Power users, and did this...<br><br><br> net groupmap add ntgroup="Domain Power Users" unixgroup=users sid=S-1-5-21-4070452498-3149834983-2923667569-1201 -s /etc/samba/smb.ldap<br><br>adding entry for group Domain Power Users failed!<br><br><br>debugging says...(do i need to add it another way?)<br><br>[2004/01/26 16:40:21, 5] passdb/pdb_interface.c:make_pdb_methods_name(431)<br> Attempting to find an passdb backend to match ldapsam:ldap://127.0.0.1 (ldapsam)<br>[2004/01/26 16:40:21, 5] passdb/pdb_interface.c:make_pdb_methods_name(452)<br> Found pdb backend ldapsam<br>[2004/01/26 16:40:21, 2] lib/smbldap.c:smbldap_search_domain_info(1295)<br> Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=LAMP))]<br>[2004/01/26 16:40:21, 2] lib/smbldap.c:smbldap_search_suffix(1066)<br> smbldap_search_suffix: searching for:[(&(objectClass=sambaDomain)(sambaDomainName=LA
MP))]<br>[2004/01/26 16:40:21, 10] lib/smbldap.c:smbldap_open_connection(527)<br> smbldap_open_connection: ldap://127.0.0.1<br>[2004/01/26 16:40:21, 2] lib/smbldap.c:smbldap_open_connection(623)<br> smbldap_open_connection: connection opened<br>[2004/01/26 16:40:21, 10] lib/smbldap.c:smbldap_connect_system(750)<br> ldap_connect_system: Binding to ldap server ldap://127.0.0.1 as "cn=Manager,dc=INTRANET"<br>[2004/01/26 16:40:21, 3] lib/smbldap.c:smbldap_connect_system(785)<br> ldap_connect_system: succesful connection to the LDAP server<br>[2004/01/26 16:40:21, 4] lib/smbldap.c:smbldap_open(836)<br> The LDAP server is succesful connected<br>[2004/01/26 16:40:21, 5] passdb/pdb_interface.c:make_pdb_methods_name(455)<br> pdb backend ldapsam:ldap://127.0.0.1 has a valid init<br>[2004/01/26 16:40:21, 5] passdb/pdb_interface.c:make_pdb_methods_name(431)<br> Attempting to find an passdb backend to match guest (guest)<br>[2004/01/26 16:40:21, 5] passdb/pdb_interface.c:make_pdb_
methods_name(452)<br> Found pdb backend guest<br>[2004/01/26 16:40:21, 5] passdb/pdb_interface.c:make_pdb_methods_name(455)<br> pdb backend guest has a valid init<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_g
roup(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] pas
sdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsa
m_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGr
oupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:
21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldap
sam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group
: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(gidNumber=100))]<br>[2004/01/26 16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> ldapsam_search_one_group: searching for:[(&(objectClass=posixGroup)(gidNumber=100))]<br>
[2004/01/26 16:40:21, 10] intl/lang_tdb.c:lang_tdb_init(135)<br>adding entry for group Domain Power Users failed!<br> lang_tdb_init: /usr/lib/samba/en_US.UTF-8.msg: No such file or directoryreturn code = -1<br><br><br><br><br> --- On Mon 01/26, Gerald (Jerry) Carter < jerry DeleteThis @samba.org > wrote:<br>From: Gerald (Jerry) Carter [mailto: jerry DeleteThis @samba.org]<br>To: mrmailer DeleteThis @myway.com<br> Cc: samba DeleteThis @lists.samba.org<br>Date: Mon, 26 Jan 2004 16:27:49 -0600<br>Subject: Re: [Samba] net: ../../../libraries/liblber/decode.c:644: ber_scanf: Assertion `((ber)->ber_opts.lbo_valid==0x2)' failed.<br><br>-----BEGIN PGP SIGNED MESSAGE-----<br>Hash: SHA1<br><br>John H. wrote:<br><br>| net-3.2 groupmap modify ntgroup="Domain Admins" unixgroup="ntadmin"<br>| -s /etc/samba/smb.ldap<br>| ldapsam_update_group_mapping_entry: failed to<br>| modify group 504 error: attribute 'sambaSID' not<br>| allowed (Object class violation)<br>| Could not update group database<br><br>Do you already have a
group mapping in LDAP ? If not,<br>use 'net groupmap add' instead of modify.<br><br><br><br><br>cheers, jerry<br>-----BEGIN PGP SIGNATURE-----<br>Version: GnuPG v1.2.1 (GNU/Linux)<br>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org<br><br>iD8DBQFAFZRlIR7qMdg1EfYRAkeOAJ9mDl2xJxO9JQ44xrtJQHDINth6lgCcCenf<br>KcE/o0YF616z7BDWUM0QmNQ=<br>=3Uun<br>-----END PGP SIGNATURE-----<br><br><br><br>_______________________________________________<br>No banners. No pop-ups. No kidding.<br>Introducing My Way - http://www.myway.com<br>-- <br>To unsubscribe from this list go to the following URL and read the<br>instructions: http://lists.samba.org/mailman/listinfo/samba<br>

_______________________________________________
No banners. No pop-ups. No kidding.
Introducing My Way - http://www.myway.com
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Back to top
Login to vote
Display posts from previous:   
Related Topics:
[Samba] re:ldap group mapping problems - well, they both have the same sid, for some bizarre reason. net groupmap list -s /etc/samba/smb.ldap |grep "Admin...

[Samba] Secondary, tertiary group problems in Samba LDAP - Hello, I found an interesting thing that I don't know if it is a bug, by design or I need to be doing something that I'...

[Samba] group mappings pitfalls in samba 3 - I have recently run across this problem and would like to warn people about it. I had an already established domain..

[Samba] Samba 3.0.1pre3/ldap - Strange gid mappings server.. - Good day, I'm running some tests with Samba 3.0.1pre3 with an LDAP sam. LDAP has been, to the best of my abilities,..

[Samba] Samba 3rc1 cannot add group LDAP error: (Insuffici.. - Helo, I am on red hat 8 Compilation is just ./configure I cannot add any group on an xp client ( I can show the ,..

[Samba] RE : Samba 3rc1 cannot add group LDAP error: (Insu.. - Compiling the last cvs source it works now. Thanks ? to developpers. -- To unsubscribe from this list go to the..
       Soft32 Home -> Linux -> Samba All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Categories:
 Windows
  Linux
 Mac
 PDA

[ Contact us | Terms of Service/Privacy Policy ]