Hi, I have a strange problem with my samba domain servers, they do no longer show the domain or local groups. I run three debian sarge machines as samba domain controllers (samba version is 3.0.23c) with an ldap backend in master/slave configuration. getent group shows all the groups, net groupmap list shows all the groups but net rpc info outputs: Domain Name: GOTTINGER Domain SID: S-1-5-21-1446910239-1605792192-310601177 Sequence number: 1160906670 Num users: 63 Num domain groups: 0 Num local groups: 0 On a w23k server acting as a fileserver the security settings for folders still show the assigned domain groups and they are still working. But i can not add new domain groups. Additionaly NT4 server management for users does no longer show the groups. I can add a new group and get an access denied warning but the group shows up in getent group afterwards. I'm not sure if this behavior is related to the update to 3.0.23c, i think i added a new folder and modified access rights on the w2k server after the update. Any clues what can cause this behavior? Thx achim~
Achim Gottinger schrieb:> Hi, > > I have a strange problem with my samba domain servers, they do no > longer show the domain or local groups. > > I run three debian sarge machines as samba domain controllers (samba > version is 3.0.23c) with an ldap backend in master/slave configuration. > getent group shows all the groups, net groupmap list shows all the > groups but net rpc info outputs: > > Domain Name: GOTTINGER > Domain SID: S-1-5-21-1446910239-1605792192-310601177 > Sequence number: 1160906670 > Num users: 63 > Num domain groups: 0 > Num local groups: 0 > > On a w23k server acting as a fileserver the security settings for > folders still show the assigned domain groups and they are still > working. But i can not add new domain groups. > Additionaly NT4 server management for users does no longer show the > groups. I can add a new group and get an access denied warning but the > group shows up in getent group afterwards. > I'm not sure if this behavior is related to the update to 3.0.23c, i > think i added a new folder and modified access rights on the w2k > server after the update. > Any clues what can cause this behavior? > > Thx > achim~ >I copied the samba and ldap configuration and database stuff to another machine, same result, no domain groups showing up in net rpc group. in net groupmap list i get two lines with multiple group names in the first row: DomDomDG Prothetik (S-1-5-21-1446910239-1605792192-310601177-5069) -> DG Prothetik Removing an groupmap entry removes the whole dn entry from the ldap database. Is this due to the config line "ldap delete dn = yes" ? I tried to remove all the groups in the groupmap line showing in one line, but i can still not get a list of domain groups. achim~
Achim Gottinger schrieb:> Hi, > > I have a strange problem with my samba domain servers, they do no > longer show the domain or local groups. > > I run three debian sarge machines as samba domain controllers (samba > version is 3.0.23c) with an ldap backend in master/slave configuration. > getent group shows all the groups, net groupmap list shows all the > groups but net rpc info outputs: > > Domain Name: GOTTINGER > Domain SID: S-1-5-21-1446910239-1605792192-310601177 > Sequence number: 1160906670 > Num users: 63 > Num domain groups: 0 > Num local groups: 0 > > On a w23k server acting as a fileserver the security settings for > folders still show the assigned domain groups and they are still > working. But i can not add new domain groups. > Additionaly NT4 server management for users does no longer show the > groups. I can add a new group and get an access denied warning but the > group shows up in getent group afterwards. > I'm not sure if this behavior is related to the update to 3.0.23c, i > think i added a new folder and modified access rights on the w2k > server after the update. > Any clues what can cause this behavior? > > Thx > achim~ >Hmm fixed it had to use the latest samba.schema coming with 3.0.23c now the groups are working. thx achim~