Thomas Wild
2005-Sep-04 10:32 UTC
[Samba] net rpc group add mygroup - NT_STATUS_ACCESS_DENIED
does not work.
Hi - I'm a little bit desperated.
I've samba configured as an PDC with openldap as an information backend.
Normally with tdb files I can do the command
net rpc group add mygroup
and this works. But if I switch to ldapsam I get the failure message
root@balu-bash(1:10)# net rpc group add mygroup
Password:
add group failed: NT_STATUS_ACCESS_DENIED
I'm quite sure that the permissions are correctly set, and the password
is also ok. The new group will be found in /etc/group but not in the
ldaptree.
I debugged everything with logfiles and strace but I can't find the
reason. Any consideration would be great.
tnx
- Thomas
Linux 2.6.5-7
Samba 3.0.20
opendlap 2.2.26
smb.conf:
passdb backend = ldapsam:ldap://localhost/
domain master = Yes
wins proxy = Yes
wins support = Yes
ldap port = 389
ldap suffix = dc=samba,dc=me,dc=de
ldap admin dn = cn=administrator,dc=samba,dc=me,dc=de
ldap delete dn = Yes
ldap idmap suffix = ou=idmap
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=hosts
ldap passwd sync = Yes
ldap ssl = no
ldap timeout = 5
slap.conf:
access to dn.subtree="dc=samba,dc=me,dc=de" attr=userPassword
by dn="cn=administrator,dc=samba,dc=me,dc=de" write
by self write
by anonymous auth
access to dn.subtree="dc=samba,dc=me,dc=de" attr=userPassword
by dn="cn=administrator,dc=samba,dc=me,dc=de" write
by self write
by anonymous auth
--
Les Templiers sont parmi nous
INRI - Igne Natura Renovatur Integra
-----------------------------------------------------------------
Thomas @ Home (Ditzingen) tw <@> adog.de
Reasonably Related Threads
Wisdom of the Ancients
