Hello, I have added a group on my samba server (which uses LDAP as its backend) using the command: 'smbldap-groupadd -a "DINF - Suporte"' but when I try to add a user into it using 'smbldap-groupmod -m "pr193292" "DINF - Suporte"' I get the following error message: /usr/sbin/smbldap-groupmod: group DINF - Suporte not found! I can see the group on LDAP and the windows computers also recognize it (I can see it while setting directory permissions on windows machines). Also, I get this on winbind when I try to place a user into a group: ------------------------- [2007/01/05 05:00:18, 2] passdb/pdb_ldap.c:init_group_from_ldap(2000) init_group_from_ldap: Entry found for group: 1007 [2007/01/05 05:00:18, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(299) group DINF - Suporte in domain PRODESAN.COM.BR does not exist ------------------------- On my LDAP log I get this: ------------------------- Jan 5 11:01:09 localhost slapd[28600]: conn=42054 fd=27 ACCEPT from IP=127.0.0.1:48101 (IP=0.0.0.0:389) Jan 5 11:01:09 localhost slapd[28600]: conn=42054 op=0 BIND dn="cn=admin,dc=prodesan,dc=com,dc=br" method=128 Jan 5 11:01:09 localhost slapd[28600]: conn=42054 op=0 BIND dn="cn=admin,dc=prodesan,dc=com,dc=br" mech=SIMPLE ssf=0 Jan 5 11:01:09 localhost slapd[28600]: conn=42054 op=0 RESULT tag=97 err=0 textJan 5 11:01:09 localhost slapd[28600]: conn=42054 op=1 SRCH base="ou=Grupos,dc=prodesan,dc=com,dc=br" scope=2 deref=2 filter="(&(objectClass=posixGroup)(cn=dinf - suporte))" Jan 5 11:01:09 localhost slapd[28600]: conn=42054 op=1 SEARCH RESULT tag=101 err=0 nentries=1 textJan 5 11:01:09 localhost slapd[28600]: conn=42055 fd=38 ACCEPT from IP=192.168.130.200:48102 (IP=0.0.0.0:389) Jan 5 11:01:09 localhost slapd[28600]: conn=42055 op=0 BIND dn="" method=128 Jan 5 11:01:09 localhost slapd[28600]: conn=42055 op=0 RESULT tag=97 err=0 textJan 5 11:01:10 localhost slapd[28600]: conn=42055 op=1 SRCH base="dc=prodesan,dc=com,dc=br" scope=2 deref=0 filter="(&(?=undefined)(cn=dinf - suporte))" Jan 5 11:01:10 localhost slapd[28600]: conn=42055 op=1 SRCH attr=cn sambaPassword memberUid uniqueMember gidNumber Jan 5 11:01:10 localhost slapd[28600]: conn=42055 op=1 SEARCH RESULT tag=101 err=0 nentries=0 textJan 5 11:01:10 localhost slapd[28600]: conn=30364 op=5163 SRCH base="ou=grupos,dc=prodesan,dc=com,dc=br" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(|(displayName=dinf - suporte)(cn=dinf - suporte)))" Jan 5 11:01:10 localhost slapd[28600]: conn=30364 op=5163 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Jan 5 11:01:10 localhost slapd[28600]: conn=30364 op=5163 SEARCH RESULT tag=101 err=0 nentries=1 textJan 5 11:01:10 localhost slapd[28600]: conn=42054 fd=27 closed Jan 5 11:01:10 localhost slapd[28600]: conn=42055 fd=38 closed ------------------------- Any ideas why I can't add the user to the group? Thanks a lot, -- Diego Alencar Alves de Lima DINF - Prodesan (http://www.prodesan.com.br) Prefeitura Municipal de Santos (http://www.santos.sp.gov.br) -- Esta mensagem foi verificada pelo sistema de antiv?rus e acredita-se estar livre de perigo.
Felipe Augusto van de Wiel
2007-Jan-09 22:57 UTC
[Samba] Problems managing groups with smbldap
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/05/2007 10:59 AM, Diego Lima escreveu:> Hello, > > I have added a group on my samba server (which uses LDAP as its backend) using > the command: 'smbldap-groupadd -a "DINF - Suporte"' but when I try to add a > user into it using 'smbldap-groupmod -m "pr193292" "DINF - Suporte"' I get the > following error message: > > /usr/sbin/smbldap-groupmod: group DINF - Suporte not found!What happens if you try to add the user to "Domain Admins"?> I can see the group on LDAP and the windows computers also recognize it (I can > see it while setting directory permissions on windows machines). Also, I get > this on winbind when I try to place a user into a group: > > ------------------------- > [2007/01/05 05:00:18, 2] passdb/pdb_ldap.c:init_group_from_ldap(2000) > init_group_from_ldap: Entry found for group: 1007 > [2007/01/05 05:00:18, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(299) > group DINF - Suporte in domain PRODESAN.COM.BR does not exist > ------------------------- > > On my LDAP log I get this:[...]> Any ideas why I can't add the user to the group? > Thanks a lot,Not right now, maybe if you post some extra information like Samba version and smb.conf. Kind regards, - -- Felipe Augusto van de Wiel <felipe@paranacidade.org.br> Coordenadoria de Tecnologia da Informa??o (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFpB3bCj65ZxU4gPQRAiEbAJ4uYJ6lEhv/Ln8tWJy638NtXihkrwCfW9Cs tPrOoGGpIBl/F1G3Bu4FY2Y=i1Tp -----END PGP SIGNATURE-----