Hi,
I've posted this question before, but i'm still scratching my head.
I've got a samba 3 cvs server with an ldap backend. When I do a search for
users in a group either by net group <group> /domain or in user manager it
returns access denied
When I look at the logs on the server samba is searching for
(uid=<group>(objectclass=sambaAccount)).
The samba schema does not allow for sambaAccount to be added to groups. Where am
i going wrong??
Cheers
-------------
Kristyan Osborne IT Technician
Longhill High School
01273 391672
------
Computers are like airconditioners: They stop working properly if you open
windows.
Win95: A 32-bit patch for a 16-bit GUI shell running on top of an
8-bit operating system written for a 4-bit processor by a
2-bit company who cannot stand 1 bit of competition.
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.384 / Virus Database: 216 - Release Date: 21/08/2002
On Tue, Sep 10, 2002 at 11:35:16AM +0100, Kristyan Osborne wrote:> Hi, > > I've posted this question before, but i'm still scratching my head. > > I've got a samba 3 cvs server with an ldap backend. When I do a search for users in a group either by net group <group> /domain or in user manager it returns access deniedThis probably means somthing else...> When I look at the logs on the server samba is searching for (uid=<group>(objectclass=sambaAccount)). > > The samba schema does not allow for sambaAccount to be added to groups. Where am i going wrong??Groups are stored in a tdb, edited with smbgroupedit. However, we must first check that we don't return groups that conflict with users - hence the ldap search. Yes, this stuff needs work... Andrew Bartlett
In the log files rpc_server/srv_samr_nt.c:access_check_samr_object(91) _samr_open_group: ACCESS DENIED (requested: 0x08158a02) can you suggest anything? cheers -----Original Message----- From: abartlet@dp.samba.org [mailto:abartlet@dp.samba.org] Sent: 10 September 2002 11:52 To: Kristyan Osborne Cc: samba@samba.org Subject: Re: [Samba] Group listings in samba On Tue, Sep 10, 2002 at 11:35:16AM +0100, Kristyan Osborne wrote:> Hi, > > I've posted this question before, but i'm still scratching my head. > > I've got a samba 3 cvs server with an ldap backend. When I do a search for users in a group either by net group <group> /domain or in user manager it returns access deniedThis probably means somthing else...> When I look at the logs on the server samba is searching for (uid=<group>(objectclass=sambaAccount)). > > The samba schema does not allow for sambaAccount to be added to groups. Where am i going wrong??Groups are stored in a tdb, edited with smbgroupedit. However, we must first check that we don't return groups that conflict with users - hence the ldap search. Yes, this stuff needs work... Andrew Bartlett --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.384 / Virus Database: 216 - Release Date: 21/08/2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.384 / Virus Database: 216 - Release Date: 21/08/2002