Dear Community,
I would like to make a group mapping between Unix and Windows groups. I have
created a group called "Unix System Users" on Windows with Active
Diectory User and Computers and I have also created a unix group called
systemusers in Raspbian Buster.
When a try to execute net groupmap add ntgroup="Unix System Users"
unixgroup=systemusers type=d command, the following error message comes:
No rid or sid specified, choosing a RID
Could not get new RID
Got RID 0
adding entry for group Unix System Users failed!
If I run net groupmap list command, just the prompt returns and nothing else.
The Samba AD DC works well anyway.
My smb.conf is the following:
[global]
dns forwarder = 192.168.155.1
netbios name = RIPLEY
realm = ICARUS.INTRANET
server role = active directory domain controller
workgroup = ICARUS
idmap_ldb:use rfc2307 = yes
ntlm auth = yes
[netlogon]
path = /var/lib/samba/sysvol/icarus.intranet/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[home]
path = /mnt/sda1/users/home
read only = No
[Profiles]
path = /mnt/sda1/users/profiles
read only = No
What could be the problem?
Thank you!
Abraham
On 17/07/2019 16:57, ?brah?m Gyula via samba wrote:> Dear Community, > > I would like to make a group mapping between Unix and Windows groups. I have created a group called "Unix System Users" on Windows with Active Diectory User and Computers and I have also created a unix group called systemusers in Raspbian Buster. > > When a try to execute net groupmap add ntgroup="Unix System Users" unixgroup=systemusers type=d command, the following error message comes: > > No rid or sid specified, choosing a RID > Could not get new RID > Got RID 0 > adding entry for group Unix System Users failed! > > If I run net groupmap list command, just the prompt returns and nothing else. The Samba AD DC works well anyway. > > My smb.conf is the following: > > [global] > dns forwarder = 192.168.155.1 > netbios name = RIPLEY > realm = ICARUS.INTRANET > server role = active directory domain controller > workgroup = ICARUS > idmap_ldb:use rfc2307 = yes > ntlm auth = yes > > [netlogon] > path = /var/lib/samba/sysvol/icarus.intranet/scripts > read only = No > > [sysvol] > path = /var/lib/samba/sysvol > read only = No > > [home] > path = /mnt/sda1/users/home > read only = No > > [Profiles] > path = /mnt/sda1/users/profiles > read only = No > > > What could be the problem?This is one of those problems between your seat and the keyboard, or to to put it another way, you. ;-) You do not do it that way any more, in fact, as this is a DC and if the libnss-winbind links are set up, running: getent group 'Unix System Users' should produce output. The next question has to be, why do you want/need to do this ? Rowland
I have a system user debian-transmission and I would like to handle its permissions separately from Windows. getent group 'Unix System Users' returns with nothing. ________________________________ Felad?: samba <samba-bounces at lists.samba.org>, meghatalmaz?: Rowland penny via samba <samba at lists.samba.org> Elk?ldve: 2019. j?lius 17., szerda 18:48 C?mzett: samba at lists.samba.org <samba at lists.samba.org> T?rgy: Re: [Samba] [SAMBA] Group mapping problem On 17/07/2019 16:57, ?brah?m Gyula via samba wrote:> Dear Community, > > I would like to make a group mapping between Unix and Windows groups. I have created a group called "Unix System Users" on Windows with Active Diectory User and Computers and I have also created a unix group called systemusers in Raspbian Buster. > > When a try to execute net groupmap add ntgroup="Unix System Users" unixgroup=systemusers type=d command, the following error message comes: > > No rid or sid specified, choosing a RID > Could not get new RID > Got RID 0 > adding entry for group Unix System Users failed! > > If I run net groupmap list command, just the prompt returns and nothing else. The Samba AD DC works well anyway. > > My smb.conf is the following: > > [global] > dns forwarder = 192.168.155.1 > netbios name = RIPLEY > realm = ICARUS.INTRANET > server role = active directory domain controller > workgroup = ICARUS > idmap_ldb:use rfc2307 = yes > ntlm auth = yes > > [netlogon] > path = /var/lib/samba/sysvol/icarus.intranet/scripts > read only = No > > [sysvol] > path = /var/lib/samba/sysvol > read only = No > > [home] > path = /mnt/sda1/users/home > read only = No > > [Profiles] > path = /mnt/sda1/users/profiles > read only = No > > > What could be the problem?This is one of those problems between your seat and the keyboard, or to to put it another way, you. ;-) You do not do it that way any more, in fact, as this is a DC and if the libnss-winbind links are set up, running: getent group 'Unix System Users' should produce output. The next question has to be, why do you want/need to do this ? Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba