samba - Jan 2004 - after switching to ldap, cannot net groupmap stuff

ok, i switched to ldap and my users can login and what not, but i cannot use net
groupmap for groups anymore.  everything else seems to work ok?  if i cannot map
groups like this(for instance, unix users group to Domain Power Users) anymore,
how do i do it?

If i do net groupmap list, I get

 net groupmap list
[2004/01/26 01:46:44, 0] passdb/pdb_ldap.c:ldapsam_setsamgrent(2048)
  ldapsam_setsamgrent: LDAP search failed: Invalid DN syntax
[2004/01/26 01:46:44, 0] passdb/pdb_ldap.c:ldapsam_enum_group_mapping(2113)
  ldapsam_enum_group_mapping: Unable to open passdb


if i try to add a group and map, i get the following



[2004/01/26 01:37:17, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1612)
  ldapsam_search_one_group: Problem during the LDAP search: LDAP error: invalid
DN (Invalid DN syntax)ldapsam_search_one_group: Problem during the LDAP search:
LDAP error: invalid DN (Invalid DN syntax)ldapsam_search_one_group: Problem
during the LDAP search: LDAP error: invalid DN (Invalid DN
syntax)ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
invalid DN (Invalid DN syntax)ldapsam_search_one_group: Problem during the LDAP
search: LDAP error: invalid DN (Invalid DN syntax)ldapsam_search_one_group:
Problem during the LDAP search: LDAP error: invalid DN (Invalid DN
syntax)ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
invalid DN (Invalid DN syntax)ldapsam_search_one_group: Problem during the LDAP
search: LDAP error: invalid DN (Invalid DN syntax)ldapsam_search_one_group:
Problem during the LDAP search: LDAP error: invalid DN (Invalid DN
syntax)ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
invalid DN (Invalid DN syntax)ldapsam_search_one_gr +>
  oup: Problem during the LDAP search: LDAP error: invalid DN (Invalid DN
syntax)ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
invalid DN (Invalid DN syntax)ldapsam_search_one_group: Problem during the LDAP
search: LDAP error: invalid DN (Invalid DN syntax)ldapsam_search_one_group:
Problem during the LDAP search: LDAP error: invalid DN (Invalid DN
syntax)ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
invalid DN (Invalid DN syntax)ldapsam_search_one_group: Problem during the LDAP
search: LDAP error: invalid DN (Invalid DN syntax)ldapsam_search_one_group:
Problem during the LDAP search: LDAP error: invalid DN (Invalid DN
syntax)ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
invalid DN (Invalid DN syntax)ldapsam_search_one_group: Problem during the LDAP
search: LDAP error: invalid DN (Invalid DN syntax)ldapsam_search_one_group:
Problem during the LDAP search: LDAP error: invalid DN (Invalid DN
syntax)ldapsam_search_one_group: Problem during t +>
adding entry for group Domain Power Users failed!

_______________________________________________
No banners. No pop-ups. No kidding.
Introducing My Way - http://www.myway.com

On Mon, 2004-01-26 at 18:48, John H. wrote:
> ok, i switched to ldap and my users can login and what not, but i cannot
use net groupmap for groups anymore.  everything else seems to work ok?  if i
cannot map groups like this(for instance, unix users group to Domain Power
Users) anymore, how do i do it?
> 
> If i do net groupmap list, I get
> 
>  net groupmap list
> [2004/01/26 01:46:44, 0] passdb/pdb_ldap.c:ldapsam_setsamgrent(2048)
>   ldapsam_setsamgrent: LDAP search failed: Invalid DN syntax
What is in your smb.conf for ldap settings?

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet@samba.org
Student Network Administrator, Hawker College   abartlet@hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20040126/5be3d3b4/attachment.bin

#ldap
        passdb backend = ldapsam:ldap://127.0.0.1
        ldap suffix = "dc=INTRANET"
        ldap machine suffix = ou=People,dc=INTRANET
        ldap passwd sync = yes
        ldap user suffix = ou=People,dc=INTRANET
        ldap group suffix = ou=Group,dc=INTRANET
        ldap admin dn = "cn=Manager,dc=INTRANET"
        ldap ssl = no
        idmap backend = ldapsam:ldapsam://127.0.0.1
        passwd chat debug = Yes
        passwd program =/usr/local/sbin/smbldap-passwd -o %u
        passwd chat = *new*password* %n\n *new*password:* %n\ *successfully*
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        add machine script = /usr/local/sbin/smbldap-useradd -w %m
add user script = /usr/local/sbin/smbldap-useradd -a %u
        delete user script = /usr/local/sbin/smbldap-userdel %u
        add group script = /usr/local/sbin/smbldap-groupadd %g
        delete group script = /usr/local/sbin/smbldap-groupdel %g
        add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g
        delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u $
set primary group script = /usr/local/sbin/smbldap-usermod -G %g %u





 --- On Mon 01/26, Andrew Bartlett < abartlet@samba.org > wrote:
From: Andrew Bartlett [mailto: abartlet@samba.org]
To: mrmailer@myway.com
     Cc: samba@lists.samba.org
Date: Mon, 26 Jan 2004 19:23:25 +1100
Subject: Re: [Samba] after switching to ldap, cannot net groupmap stuff

On Mon, 2004-01-26 at 18:48, John H. wrote:<br>> ok, i switched to ldap
and my users can login and what not, but i cannot use net groupmap for groups
anymore.  everything else seems to work ok?  if i cannot map groups like
this(for instance, unix users group to Domain Power Users) anymore, how do i do
it?<br>> <br>> If i do net groupmap list, I get<br>>
<br>>  net groupmap list<br>> [2004/01/26 01:46:44, 0]
passdb/pdb_ldap.c:ldapsam_setsamgrent(2048)<br>>   ldapsam_setsamgrent:
LDAP search failed: Invalid DN syntax<br><br>What is in your
smb.conf for ldap settings?<br><br>Andrew
Bartlett<br><br>-- <br>Andrew Bartlett                        
abartlet@pcug.org.au<br>Manager, Authentication Subsystems, Samba Team 
abartlet@samba.org<br>Student Network Administrator, Hawker College  
abartlet@hawkerc.net<br>http://samba.org     http://build.samba.org    
http://hawkerc.net<br>Attachment: signature.asc  (0.19KB)<br>

_______________________________________________
No banners. No pop-ups. No kidding.
Introducing My Way - http://www.myway.com

btw, i tried removing dc=INTRANET from user,group, and machine suffix, same
error







 --- On Mon 01/26, John H. < mrmailer@myway.com > wrote:
From: John H. [mailto: mrmailer@myway.com]
To: samba@lists.samba.org
Date: Mon, 26 Jan 2004 03:28:29 -0500 (EST)
Subject: Re: [Samba] after switching to ldap, cannot net groupmap stuff

<br>#ldap<br>        passdb backend =
ldapsam:ldap://127.0.0.1<br>        ldap suffix =
"dc=INTRANET"<br>        ldap machine suffix =
ou=People,dc=INTRANET<br>        ldap passwd sync = yes<br>       
ldap user suffix = ou=People,dc=INTRANET<br>        ldap group suffix =
ou=Group,dc=INTRANET<br>        ldap admin dn =
"cn=Manager,dc=INTRANET"<br>        ldap ssl = no<br>     
idmap backend = ldapsam:ldapsam://127.0.0.1<br>        passwd chat debug =
Yes<br>        passwd program =/usr/local/sbin/smbldap-passwd -o
%u<br>        passwd chat = *new*password* %n\n *new*password:* %n\
*successfully*<br>        socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192<br>        add machine script =
/usr/local/sbin/smbldap-useradd -w %m<br>add user script =
/usr/local/sbin/smbldap-useradd -a %u<br>        delete user script =
/usr/local/sbin/smbldap-userdel %u<br>        add group script =
/usr/local/sbin/smbldap-groupadd %g<br>        delete group script =
/usr/local/sbin/smbldap-groupdel %g<br>        add user to group script =
/usr/local/sbin/smbldap-groupmod -m %u %g<br>        delete user from
group script = /usr/local/sbin/smbldap-groupmod -x %u $        set primary group
script = /usr/local/sbin/smbldap-usermod -G %g
%u<br><br><br><br><br><br> --- On Mon 01/26,
Andrew Bartlett < abartlet@samba.org > wrote:<br>From: Andrew
Bartlett [mailto: abartlet@samba.org]<br>To: mrmailer@myway.com<br> 
Cc: samba@lists.samba.org<br>Date: Mon, 26 Jan 2004 19:23:25
+1100<br>Subject: Re: [Samba] after switching to ldap, cannot net groupmap
stuff<br><br>On Mon, 2004-01-26 at 18:48, John H.
wrote:<br>> ok, i switched to ldap and my users can login and what not,
but i cannot use net groupmap for groups anymore.  everything else seems to work
ok?  if i cannot map groups like this(for instance, unix users group to Domain
Power Users) anymore, how do i do it?<br>> <br>> If i do net
groupmap list, I get<br>> <br>>  net groupmap
list<br>> [2004/01/26 01:46:44, 0]
passdb/pdb_ldap.c:ldapsam_setsamgrent(2048)<br>>   ldapsam_setsamgrent:
LDAP search failed: Invalid DN syntax<br><br>What is in your
smb.conf for ldap settings?<br><br>Andrew
Bartlett<br><br>-- <br>Andrew Bartlett                        
abartlet@pcug.org.au<br>Manager, Authentication Subsystems, Samba Team 
abartlet@samba.org<br>Student Network Administrator, Hawker College  
abartlet@hawkerc.net<br>http://samba.org     http://build.samba.org    
http://hawkerc.net<br>Attachment: signature.asc 
(0.19KB)<br><br><br>_______________________________________________<br>No
banners. No pop-ups. No kidding.<br>Introducing My Way -
http://www.myway.com<br>-- <br>To unsubscribe from this list go to
the following URL and read the<br>instructions: 
http://lists.samba.org/mailman/listinfo/samba<br>

_______________________________________________
No banners. No pop-ups. No kidding.
Introducing My Way - http://www.myway.com

Le Mon, Jan 26, 2004 at 03:28:29AM -0500, John H. a
ecrit:
>         ldap suffix = "dc=INTRANET"
You must have
  ldap suffix = dc=INTRANET

-- 
J?r?me