-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tom Skeren wrote:
| Well, my Samba 3.0.4 is joined to a w2k AD and works fairly well so far,
| as it's not in a production environment yet. I am now testing it for
| such a release and have encountered a permission problem. Unless I
| chmod -R 777 the Samba share directroy, users can only read files on the
| share, including the ADS users in Domain Admins. Reading the Samba
| online manual, I figured the groupmap function would solve this. I did
| as the manual suggested and got teh following errors:
|
|> fskkweb# net groupmap add ntgroup="Domain Admins"
unixgroup=domadm
|> No rid or sid specified, choosing algorithmic mapping
Some users and groups have fixed rid's (i.e. they are the same
everywhere). These are all the basic well-known ones like "Guest",
"Administrator" etc. If you look you'll find a table of these.
Search
through "The official samba 3 howto guid and reference".
You need to set the rid for a Domain Admin group. It is 500.
net groupmap add rid=500 ntgroup="Domain Admins" unixgroup=domadm
|> [2004/07/09 08:54:36, 0] lib/smbldap.c:fetch_ldap_pw(260)
|> fetch_ldap_pw: neither ldap secret retrieved!
|> [2004/07/09 08:54:36, 0] lib/smbldap.c:smbldap_connect_system(760)
|> ldap_connect_system: Failed to retrieve password from secrets.tdb
You haven't set the password and dn that samba will use to talk to the
ldap database with in secrets.tdb file yet.
smbpasswd -w [place ldap managers password here]
|> [2004/07/09 08:54:36, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1763)
|> ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
|> (unknown) (Invalid credentials)
|> [2004/07/09 08:54:36, 0] lib/smbldap.c:fetch_ldap_pw(260)
|> fetch_ldap_pw: neither ldap secret retrieved!
|> [2004/07/09 08:54:36, 0] lib/smbldap.c:smbldap_connect_system(760)
|> ldap_connect_system: Failed to retrieve password from secrets.tdb
|> [2004/07/09 08:54:36, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1763)
|> ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
|> (unknown) (Invalid credentials)
|> [2004/07/09 08:54:36, 0] lib/smbldap.c:fetch_ldap_pw(260)
|> fetch_ldap_pw: neither ldap secret retrieved!
|> [2004/07/09 08:54:36, 0] lib/smbldap.c:smbldap_connect_system(760)
|> ldap_connect_system: Failed to retrieve password from secrets.tdb
|> [2004/07/09 08:54:36, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1763)
|> ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
|> (unknown) (Invalid credentials)
|> [2004/07/09 08:54:36, 0] lib/smbldap.c:fetch_ldap_pw(260)
|> fetch_ldap_pw: neither ldap secret retrieved!
|> [2004/07/09 08:54:36, 0] lib/smbldap.c:smbldap_connect_system(760)
|> ldap_connect_system: Failed to retrieve password from secrets.tdb
|> [2004/07/09 08:54:36, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1763)
|> ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
|> (unknown) (Invalid credentials)
|> [2004/07/09 08:54:36, 0] lib/smbldap.c:fetch_ldap_pw(260)
|> fetch_ldap_pw: neither ldap secret retrieved!
|> adding entry for group Domain Admins failed!
|>
| This is snipped but the errors repeat over and over for several pages.
| Anyone have any thoughts.
|
| TMS III
|
|
|
- --
- -----------------------------------------------------------------
| I can be reached on the following Instant Messenger services: |
|---------------------------------------------------------------|
| MSN: j_c_llings@hotmail.com AIM: WyteLi0n ICQ: 123291844 |
|---------------------------------------------------------------|
| Y!: j_c_llings Jabber: jcllings@njs.netlab.cz |
- -----------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFA7vRe57L0B7uXm9oRAiyxAJ0cYU46ntgPL2OTQldWIklz/Y72LQCffjkX
JIzepd5XxJgrgSx5P0/KzRg=SqED
-----END PGP SIGNATURE-----