<Tom.Tran@noaa.gov>
2005-Aug-20 18:20 UTC
[Fedora-directory-users] Re: Problem with Samba-Fedora-ds Intergration (HOWTO:SAMBA)
Thank you for your reply. Here is my /etc/samba/smb.conf ------------------------------ # Global parameters [global] workgroup = SEFSC netbios name = MIAPOGO server string = Samba %u on (%L) log file = /var/log/samba/%m.log max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = /etc/printcap dns proxy = No idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 cups options = raw security = user passdb backend = ldapsam:ldap://miapogo.sefsc.noaa.gov ldap suffix = dc=sefsc,dc=noaa,dc=gov ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap group suffix = ou=Groups os level = 33 domain logons = yes domain master = yes local master = yes preferred master = yes wins support = yes logon home = \\%L\%u\profiles logon path = \\%L\profiles\%u logon drive = H: template shell = /bin/false winbind use default domain = yes [netlogon] path = /var/lib/samba/netlogon read only = yes browseable = no [profiles] path = /var/lib/samba/profiles read only = no create mask = 0600 directory mask = 0700 [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No -------------------------- ------- original message ------- Date: Fri, 19 Aug 2005 13:03:02 -0400 From: Adam Stokes <astokes@redhat.com> Subject: Re: [Fedora-directory-users] Problem with Samba - Fedora-ds Integration (HOWTO:SAMBA) To: "General discussion list for the Fedora Directory server project." <fedora-directory-users@redhat.com> Message-ID: <20050819130302.7494f11d@froman.rdu.redhat.com> Content-Type: text/plain; charset=US-ASCII Please post your smb.conf On Fri, 19 Aug 2005 11:29:03 -0400 <Tom.Tran@noaa.gov> wrote:> I followed the document until I get the following error: > > #/opt/fedora-ds/slapd-miapogo/ldif2ldap "cn=Directory Manager" > fds80000 /tmp/sambaGroups.ldif > > This command returns: > adding new entry cn=DomainAdmins,ou=Groups,dc=sefsc,dc=noaa,dc=gov> adding new entry cn=Domain Users,ou=Groups,dc=sefsc,dc=noaa,dc=gov > adding new entry cn=DomainGuests,ou=Groups,dc=sefsc,dc=noaa,dc=gov> adding new entry cn=Domain > Computers,ou=Groups,dc=sefsc,dc=noaa,dc=gov > > I then run the following command: > > # net groupmap add rid=512 ntgroup=''Domain Admins'' unixgroup=''Domain > Admins'' > > This command returns: > [2005/08/19 09:48:37, 0] > passdb/pdb_ldap.c:ldapsam_add_group_mapping_entry(2330) > ldapsam_add_group_mapping_entry: failed to add group 2512 error: > Insufficient ''write'' privilege to teh ''sambaSID'' attribute of > entry ''cn=domain admins,ou=groups,dc=sefsc,dc=noaa,dc=gov''. > (Insufficient access) > adding entry for group Domain Admins failed! > > I am a novice on this subject and have no idea how to fix it.Please> help! > > Tom Tran
Adam Stokes
2005-Aug-21 15:55 UTC
Re: [Fedora-directory-users] Re: Problem with Samba-Fedora-ds Intergration (HOWTO:SAMBA)
Tom.Tran@noaa.gov wrote:>Thank you for your reply. >Here is my /etc/samba/smb.conf >------------------------------ ># Global parameters >[global] >workgroup = SEFSC >netbios name = MIAPOGO >server string = Samba %u on (%L) >log file = /var/log/samba/%m.log >max log size = 50 >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >printcap name = /etc/printcap >dns proxy = No >idmap uid = 16777216-33554431 >idmap gid = 16777216-33554431 >cups options = raw > >security = user >passdb backend = ldapsam:ldap://miapogo.sefsc.noaa.gov >ldap suffix = dc=sefsc,dc=noaa,dc=gov >ldap user suffix = ou=People >ldap machine suffix = ou=Computers >ldap group suffix = ou=Groups > >os level = 33 >domain logons = yes >domain master = yes >local master = yes >preferred master = yes > >wins support = yes > >logon home = \\%L\%u\profiles >logon path = \\%L\profiles\%u >logon drive = H: > >template shell = /bin/false >winbind use default domain = yes > >[netlogon] >path = /var/lib/samba/netlogon >read only = yes >browseable = no > >[profiles] >path = /var/lib/samba/profiles >read only = no >create mask = 0600 >directory mask = 0700 > >[homes] >comment = Home Directories >read only = No >browseable = No > >[printers] >comment = All Printers >path = /var/spool/samba >printable = Yes >browseable = No >-------------------------- > >------- original message ------- >Date: Fri, 19 Aug 2005 13:03:02 -0400 >From: Adam Stokes <astokes@redhat.com> >Subject: Re: [Fedora-directory-users] Problem with Samba - Fedora-ds >Integration (HOWTO:SAMBA) >To: "General discussion list for the Fedora Directory server project." ><fedora-directory-users@redhat.com> >Message-ID: <20050819130302.7494f11d@froman.rdu.redhat.com> >Content-Type: text/plain; charset=US-ASCII > >Please post your smb.conf > >On Fri, 19 Aug 2005 11:29:03 -0400 ><Tom.Tran@noaa.gov> wrote: > > > >>I followed the document until I get the following error: >> >>#/opt/fedora-ds/slapd-miapogo/ldif2ldap "cn=Directory Manager" >>fds80000 /tmp/sambaGroups.ldif >> >>This command returns: >> adding new entry cn=Domain >> >> >Admins,ou=Groups,dc=sefsc,dc=noaa,dc=gov > > >> adding new entry cn=Domain Users,ou=Groups,dc=sefsc,dc=noaa,dc=gov >> adding new entry cn=Domain >> >> >Guests,ou=Groups,dc=sefsc,dc=noaa,dc=gov > > >> adding new entry cn=Domain >>Computers,ou=Groups,dc=sefsc,dc=noaa,dc=gov >> >>I then run the following command: >> >># net groupmap add rid=512 ntgroup=''Domain Admins'' unixgroup=''Domain >>Admins'' >> >>This command returns: >>[2005/08/19 09:48:37, 0] >>passdb/pdb_ldap.c:ldapsam_add_group_mapping_entry(2330) >>ldapsam_add_group_mapping_entry: failed to add group 2512 error: >>Insufficient ''write'' privilege to teh ''sambaSID'' attribute of >>entry ''cn=domain admins,ou=groups,dc=sefsc,dc=noaa,dc=gov''. >>(Insufficient access) >>adding entry for group Domain Admins failed! >> >>I am a novice on this subject and have no idea how to fix it. >> >> >Please > > >>help! >> >>Tom Tran >> >> > > > >-- >Fedora-directory-users mailing list >Fedora-directory-users@redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > >You do not have an admin dn set please refer back to the documentation : [global] workgroup = YOURWORKGROUP security = user passdb backend = ldapsam:ldap://example.com ldap admin dn = cn=Directory Manager ldap suffix = dc=example,dc=com ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap group suffix = ou=Groups thanks, adam