thr3ads.net - samba - [Samba] problems with group mappings with ldap [Jan 2004]

If this information is useful, please help other people find it:
Share via:
John H.
2004-Jan-27 00:44 UTC
[Samba] problems with group mappings with ldap

the weirdness continues

 net groupmap modify ntgroup="Domain Admins"
unixgroup="ntadmin"
NT Group Domain Admins doesn't exist in mapping DB




 --- On Mon 01/26, John H. < mrmailer@myway.com > wrote:
From: John H. [mailto: mrmailer@myway.com]
To: samba@lists.samba.org
Date: Mon, 26 Jan 2004 17:40:49 -0500 (EST)
Subject: Re: [Samba] net: ../../../libraries/liblber/decode.c:644: ber_scanf:
Assertion `((ber)->ber_opts.lbo_valid==0x2)' failed.

<br>i thought i had, but apparently not, so i did that and this is what i
have now(as you can see, there are two entries)<br><br><br>net
groupmap list -s /etc/samba/smb.ldap<br>Domain Admins
(S-1-5-21-4070452498-3149834983-2923667569-512) -> 512<br>Domain Guests
(S-1-5-21-4070452498-3149834983-2923667569-514) ->
514<br>Administrators (S-1-5-21-4070452498-3149834983-2923667569-544)
-> 544<br>Guests (S-1-5-21-4070452498-3149834983-2923667569-546) ->
546<br>Power Users (S-1-5-21-4070452498-3149834983-2923667569-547) ->
547<br>Account Operators (S-1-5-21-4070452498-3149834983-2923667569-548)
-> 548<br>Server Operators
(S-1-5-21-4070452498-3149834983-2923667569-549) -> 549<br>Print
Operators (S-1-5-21-4070452498-3149834983-2923667569-550) ->
550<br>Backup Operators (S-1-5-21-4070452498-3149834983-2923667569-551)
-> 551<br>Replicator (S-1-5-21-4070452498-3149834983-2923667569-552)
-> 552<br>Domain Computers
(S-1-5-21-4070452498-3149834983-2923667569-553) -> 553<br>Domain Admins
(S-1-5-21-4070452498-3149834983-2923667569-512) ->
ntadmin<br><br><br>is that ok?<br><br>I wanted to
add Domain Power users, and did this...<br><br><br> net
groupmap add ntgroup="Domain Power Users" unixgroup=users
sid=S-1-5-21-4070452498-3149834983-2923667569-1201 -s
/etc/samba/smb.ldap<br><br>adding entry for group Domain Power Users
failed!<br><br><br>debugging says...(do i need to add it
another way?)<br><br>[2004/01/26 16:40:21, 5]
passdb/pdb_interface.c:make_pdb_methods_name(431)<br>  Attempting to find
an passdb backend to match ldapsam:ldap://127.0.0.1
(ldapsam)<br>[2004/01/26 16:40:21, 5]
passdb/pdb_interface.c:make_pdb_methods_name(452)<br>  Found pdb backend
ldapsam<br>[2004/01/26 16:40:21, 2]
lib/smbldap.c:smbldap_search_domain_info(1295)<br>  Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=LAMP))]<br>[2004/01/26
16:40:21, 2] lib/smbldap.c:smbldap_search_suffix(1066)<br> 
smbldap_search_suffix: searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=LAMP))]<br>[2004/01/26
16:40:21, 10] lib/smbldap.c:smbldap_open_connection(527)<br> 
smbldap_open_connection: ldap://127.0.0.1<br>[2004/01/26 16:40:21, 2]
lib/smbldap.c:smbldap_open_connection(623)<br>  smbldap_open_connection:
connection opened<br>[2004/01/26 16:40:21, 10]
lib/smbldap.c:smbldap_connect_system(750)<br>  ldap_connect_system:
Binding to ldap server ldap://127.0.0.1 as
"cn=Manager,dc=INTRANET"<br>[2004/01/26 16:40:21, 3]
lib/smbldap.c:smbldap_connect_system(785)<br>  ldap_connect_system:
succesful connection to the LDAP server<br>[2004/01/26 16:40:21, 4]
lib/smbldap.c:smbldap_open(836)<br>  The LDAP server is succesful
connected<br>[2004/01/26 16:40:21, 5]
passdb/pdb_interface.c:make_pdb_methods_name(455)<br>  pdb backend
ldapsam:ldap://127.0.0.1 has a valid init<br>[2004/01/26 16:40:21, 5]
passdb/pdb_interface.c:make_pdb_methods_name(431)<br>  Attempting to find
an passdb backend to match guest (guest)<br>[2004/01/26 16:40:21, 5]
passdb/pdb_interface.c:make_pdb_methods_name(452)<br>  Found pdb backend
guest<br>[2004/01/26 16:40:21, 5]
passdb/pdb_interface.c:make_pdb_methods_name(455)<br>  pdb backend guest
has a valid init<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] pas
 sdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group
 : searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=4294967295))]<br>[2004/01/26
16:40:21, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=sambaGroupMapping)(gidNumber=100))]<br>[2004/01/26
16:40:21, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1742)<br> 
ldapsam_getgroup: Did not find group<br>[2004/01/26 16:40:21, 2]
passdb/pdb_ldap.c:ldapsam_search_one_group(1597)<br> 
ldapsam_search_one_group: searching
for:[(&(objectClass=posixGroup)(gidNumber=100))]<br>[2004/01/26
16:40:21, 10] intl/lang_tdb.c:lang_tdb_init(135)<br>adding entry for group
Domain Power Users failed!<br>  lang_tdb_init:
/usr/lib/samba/en_US.UTF-8.msg: No such file or directoryreturn code =
-1<br><br><br><br><br> --- On Mon 01/26, Gerald
(Jerry) Carter < jerry@samba.org > wrote:<br>From: Gerald (Jerry)
Carter [mailto: jerry@samba.org]<br>To: mrmailer@myway.com<br>    
Cc: samba@lists.samba.org<br>Date: Mon, 26 Jan 2004 16:27:49
-0600<br>Subject: Re: [Samba] net:
../../../libraries/liblber/decode.c:644: ber_scanf: Assertion
`((ber)->ber_opts.lbo_valid==0x2)' failed.<br><br>-----BEGIN
PGP SIGNED MESSAGE-----<br>Hash: SHA1<br><br>John H.
wrote:<br><br>| net-3.2 groupmap modify ntgroup="Domain
Admins" unixgroup="ntadmin"<br>|   -s
/etc/samba/smb.ldap<br>|   ldapsam_update_group_mapping_entry: failed
to<br>|   modify group 504 error: attribute 'sambaSID'
not<br>|   allowed (Object class violation)<br>|   Could not update
group database<br><br>Do you already have a group mapping in LDAP ? 
If not,<br>use 'net groupmap add' instead of
modify.<br><br><br><br><br>cheers,
jerry<br>-----BEGIN PGP SIGNATURE-----<br>Version: GnuPG v1.2.1
(GNU/Linux)<br>Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org<br><br>iD8DBQFAFZRlIR7qMdg1EfYRAkeOAJ9mDl2xJxO9JQ44xrtJQHDINth6lgCcCenf<br>KcE/o0YF616z7BDWUM0QmNQ=<br>=3Uun<br>-----END
PGP
SIGNATURE-----<br><br><br><br>_______________________________________________<br>No
banners. No pop-ups. No kidding.<br>Introducing My Way -
http://www.myway.com<br>-- <br>To unsubscribe from this list go to
the following URL and read the<br>instructions: 
http://lists.samba.org/mailman/listinfo/samba<br>

_______________________________________________
No banners. No pop-ups. No kidding.
Introducing My Way - http://www.myway.com
Reasonably Related Threads

Search for more seemingly similar threads
samba - Jan 2004 - problems with group mappings with ldap

[Samba] problems with group mappings with ldap

Reasonably Related Threads

Wisdom of the Ancients
