easbury@vogeleamerica.com
2003-Oct-06 12:57 UTC
[Samba] Group not found, (objectclass=sambaGroupMapping) (gidNumber=4294967295) ???
I am sure that I don't quite have LDAP setup with the proper Samba entries, but I only need a "bread crumb" to get me pointed in the right direction. Where do I find some information on how and where to place the sambaGroupMapping, sambaUnixIdPool, sambaIdmapEntry (automatically created?), and sambaSidEntry in the LDAP tree. Could someone just give me a little hint as to where the information might reside or give me enough info to get my LDAP tree corrected?? Please! Ed Asbury Systems Admin/Programmer Vogele America, Inc.
Gerald (Jerry) Carter
2003-Oct-06 14:06 UTC
[Samba] Group not found, (objectclass=sambaGroupMapping) (gidNumber=4294967295) ???
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 easbury@vogeleamerica.com wrote: | I am sure that I don't quite have LDAP setup with the proper Samba entries, | but I only need a "bread crumb" to get me pointed in the right direction. | Where do I find some information on how and where to place the | sambaGroupMapping, sambaUnixIdPool, sambaIdmapEntry (automatically | created?), and sambaSidEntry in the LDAP tree. Could someone just give me a | little hint as to where the information might reside or give me enough info | to get my LDAP tree corrected?? Please! Group mapping are managed by 'net groupmap'. The sambaUnixIdPool, is generated from the idmap uid and idmap gid ranges defined in smb.conf sambaIdmapEntry directory entries are created by winbindd as needed sambaSidEntry is a single structural objectclass for defining SIDs. You don't need to place this anywhere. So if you setup something like ldap suffix = dc=plainjoe,dc=org ldap user suffix = ou=people ldap machine suffix = ou=computers ldap group suffix = ou=group ldap idmap suffix = ou=idmap along with the 'ldap admin dn' and winbind parameters, all of the entries in question should be created automatically for you. But make sure that the 'ldap admin dn' has write access to the 'ldap suffix' subtree (including the ldap suffix DN). cheers, jerry ~ ---------------------------------------------------------------------- ~ Hewlett-Packard ------------------------- http://www.hp.com ~ SAMBA Team ---------------------- http://www.samba.org ~ GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc ~ "You can never go home again, Oatman, but I guess you can shop there." ~ --John Cusack - "Grosse Point Blank" (1997) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/gXbNIR7qMdg1EfYRAvzkAJ9cS+RyF+vxlD40S4HN2AKXU943agCglCNU F1uh0yzjnX8wdaFH17Cl8Mo=Gams -----END PGP SIGNATURE-----