David Sonenberg
2005-Jan-25 20:18 UTC
[Samba] Samba LDAP PDC Admin and other minor problems.
So I've got my PDC LDAP up and running and replicating over to the slave BDC, and I'm just trying to fix some minor problems. I've added myself to the "Domain Admins" group, but I still can't open the Windows usrmgr program with my account. I even set it up so my default group is "Domain Admins". I can open it with the administrator account, but I can't add groups to a user from there. When I try, I get this error in my log.smbd:

[2005/01/25 15:02:48, 3] groupdb/mapping.c:smb_add_user_group(1082)
  smb_add_user_group: Running the command `/usr/local/samba/sbin/smbldap-groupmod -m "test" "ntadmin"' gave 6

I tried running it at the command line and I just get:

/usr/local/samba/sbin/smbldap-groupmod: ntadmin doesn't exist

I do have an ntgroup "Domain Admins" that is mapped to the unixgroup ntadmin.

Here's my smb.conf:

[global]
#Domain Settings
interfaces = eth0 10.1.0.6/24
workgroup = STROZLLC
netbios name = NYHAND
wins support = yes
os level = 35
preferred master = yes
domain master = yes
local master = yes
domain logons = yes
logon path
logon home

# Scripts
add user script = /usr/local/samba/sbin/smbldap-useradd -m "%u"
delete user script = /usr/local/samba/sbin/smbldap-userdel "%u"
add group script = /usr/local/samba/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/local/samba/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/samba/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/samba/sbin/smbldap-groupmod -x "%g" "%u"
set primary group script = /usr/local/samba/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/local/samba/sbin/smbldap-useradd -w "%u"

# Ldap Configuration
passdb backend = ldapsam:ldaps://10.1.0.6:636
ldap suffix = dc=strozllc,dc=com
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=People
ldap idmap suffix = ou=People
ldap admin dn = cn=Manager,dc=strozllc,dc=com
ldap delete dn = Yes
ldap ssl = yes
ldap passwd sync = Yes
idmap uid = 15000-20000
idmap gid = 15000-20000
#winbind separator = +

[netlogin]
path = /var/samba/netlogon
read only = yes
write list = ntadmin

[profiles]
path = /var/samba/profiles
read only = no
create mask = 0600
directory mask = 0700

--
David Sonenberg
Systems / Network Administrator
Stroz Friedberg, LLC
15 Maiden Lane, Suite 1208
New York, NY 10038
212.981.6527 (o) | 917.495.4918 (c)