hi
i'm out of knowledge
[System]
- Samba 3.0 Final
- Suse 8.2
- IDMAP Backend = LDAP (Openldap 2.1)
everything works fine
- getent password/group shows all groups from ldap
- in a test machine (XP) all SID's are correctly mapped to users, so i
can see DOMAIN\User instead of S-1-5-4-xxxxx-xxxxx-xxx-RID
- logons and so on are working
- granting access to files on XP in tab "security" works with ACL with
one exception:
I can't grant access on files for _groups_ (users no problem) !!!!
if i press "admit" or "ok" to store the new permissions
everything is
reseted
in the logs i see, that samba is searching for the correct SID
(S-1-4-21-xxx-xxx-xxx-512 -> DomAdmins) _AND_ for the attribute
sambaSamAccount
of course, for a groupsid, which is mapped to a unix-group (groupmap)
there's no entry with this search criteria !!!
so samba can't find an entry in LDAP and fails
who uses LDAP and groupmapping and can tell me, how to solve this
problem, that i just can grant file-access on ACL-User-Base ???
btw: wbinfo -u $UID correctly maps $UID to $SID, but wbinfo -G $GID
returns "did not succeed" ? but net groupmap list shows the correct
groupmapping?
thx
micha
--
"Matrix - more than a vision"
**************************************************
Michael Gasch
Max Planck Institute for Evolutionary Anthropology
Deutscher Platz 6
04103 Leipzig
Germany
**************************************************
