similar to: Unable to get groupmap to work with LDAP

Considering the following page... http://us3.samba.org/samba/docs/man/guide/small.html First of, my compliments to John for some great examples to study. In my mind I see three levels of security: 1) Linux - such as SSH'ing into the Linux server, Linux accounts and groups come into play here 2) Samba PDC - "Domain Admins" "Domain Users" come into play here. Examples

Hi, I think at first you have to do a net groupmap add all the well known Groups. System Operators (S-1-5-32-549) -> -1 Replicators (S-1-5-32-552) -> -1 Guests (S-1-5-32-546) -> -1 Domain Users (S-1-5-21-3732367786-856876144-3282938955-513) -> -1 Domain Admins (S-1-5-21-3732367786-856876144-3282938955-512) -> -1 Power Users (S-1-5-32-547) -> -1 Domain Guests

Should I delete them first? net groupmap list Domain Admins (S-1-5-21-3186189368-1246494298-1334198317-512) -> Domain Admins #NOTE - listed only one for clarity# # net groupmap modify sid=S-1-5-21-3186189368-1246494298-1334198317-512 unixgroup=root type=domain [2003/12/21 20:05:22, 0] passdb/pdb_ldap.c:ldapsam_update_group_mapping_entry(1954) ldapsam_update_group_mapping_entry: No group to

Hi I have samba 3.0.14a (debian/stable) and wonder where the problem is that running this command: # net groupmap add ntgroup="Domain Admins" unixgroup=ntadmins rid=512 type=d gives: adding entry for group Domain Admins failed! but (note changed rid) # net groupmap add ntgroup="Domain Admins" unixgroup=ntadmins rid=1000 type=d works fine. Hm, winbind is not working, but I

Hi, Could somebody help me out, here. I have samba-3.02a, openldap-2.1.25 on mandrake 10 and I?m trying to setup a pdc. This is what I?ve done so far: 1. configured ldap both for server and client thats slapd.conf, ldap.conf and ldap.secret 2. edited pam.d/samba 3. edited nsswitch.conf 4. configured samba - smb.conf 5. added the ldap password to secrets.tdb 6. configured smbldap-tools using the

Firstly I apologise for the length of this query but I am hoping that if I document everything I did someone might respond / be able to help. My Configuration is Samba 3.0.2a as a PDC on Redhat 8. I cannot for the life of me get the "Domain Admins" functionality to work I am hoping that another set of eyes can shed some light on this problem as I have now spent 41 hrs googling /

So here is the setup now: pam worknig, ldap working, samba working, passwd sync works great both ways (linux accounts > win accouns; win > lin). I'm useing another domain name for the new pdc. Today i tried to migtrate all the accounts from the Win2k PDC and i got into problems. I changed in smb.conf the domain name to the one of the win PDC , joind my samba intro the domain and did a

We have bumped into a most odd problem. Server: Debian Etch and their Samba 3.0.24-2 Client: WinXP SP2, MSI v3, all hot fixes The following settings are in place on the server: #!/bin/bash # # initGrps.sh # Map Windows Domain Groups to UNIX groups net groupmap add ntgroup="Domain Admins" unixgroup=domadmin rid=512 type=d net groupmap add ntgroup="Domain Users"

Relevant part of "net3 groupmap list" is System Operators (S-1-5-21-1617713866-2789119093-1479812082-1007) -> sys In howto there is the following example net groupmap modify ntgroup="System Operators" unixgroup=sys net groupmap modify ntgroup="Power Users" unixgroup=sys You can add System Operators but trying to add Power Users fails. If you do it in reverse

Hello, i have some problems migrating a Windows 2000 PDC to a Debian GNU/Linux Samba Server, i want to migrate it to a LDAP backend.. but as i'm kind of newbie with ldap and samba migration stuff, i preffered to migrate it to tdbsam first and try it for a while, if everything works fine, then switch to a ldap backend. The problem is that Essential Windows Groups are automatically created, so

Hi, Before Samba 3.0.0 RC4 I was running Samba 3.0.0 beta3, and when I upgraded to RC4, I began having problems with group mappings. I didn't notice at first, because on my laptop I don't normally log on to the domain. I just noticed when I tried to use my desktop and log on to the domain... I don't have Domain Admin privileges. So, I look at 'net groupmap list' ... and it

Hello, Background: I recently upgraded a samba 2.8 system to samba 3.0 dl'ed from samba.org current. Everything works great except the group mapping and some net sessions that get stuck but I want to focus on the groupmap issue today. Things I have done: Delete group_mapping.tdb -- restarted samba -- net groupmap modify ntgroup='Domain Admins' unixgroup=ntadmins -- result: shows

Hi, would be happy if somebody might help me with the following problem: I installed Samba as the Primary DC -- works perfectly, XP clients can join the domain, access the shares ... The domain users's primary group is the "users" Unix group. root is member of the "ntadmins" Unix group. Mapped the Unix groups to NT groups as follows: net groupmap modify

Hi all, I've scoured the net looking for a solution but to no avail. net groupmap list returns Domain Admins (S-############........) -> Domain Admins I would rather map Domain Admins to my root unix group. net groupmap modify ntgroup="Domain Admins" unixgroupreturns type=d returns an error; Could not update group database. If I delete via; net groupmap delete

Hello, I'm using Samba3Beta1 and i try to map group. I create a posix group in my ldap: dn: cn=Administrateurs du domaine,ou=Groups,dc=middleearth,dc=ring objectClass: posixGroup cn: Administrateurs du domaine memberUid: root memberUid: administrateur gidNumber: 1000 And I try to map this group with the nt group : Domain Admins net groupmap add ntgroup="Domain Admins"

Hi, -----Original Message----- From: John H Terpstra [mailto:jht@samba.org] > "domain admin group" removed > > Because you now have something much more powerful that provides real NT > Groups to your NT/200x/XP clients. But if I use LDAP for both Samba and system auth. The groups, what I added with base.ldif (idealx) exist in samba and system. for example "getent

Hi, I'm newbie with Samba. I'm using Samba-3.0 directly installed with Fedora core. I've made a PDC linux server with Samba-3.0, openldap-2.1.22 with pam_ldap everything seems to be good but not with net groupmap. when using command: "net groupmap list" I have the following error : [2003/12/15 17:52:15, 0] passdb/pdb_ldap.c:ldapsam_setsamgrent(2048) ldapsam_setsamgrent:

Stephanie, Thank you for your help. I tryed what you suggest but no luck.. I get this: root@lnxsrvr2:~# /usr/local/samba/bin/net groupmap add ntgroup="Domain Admins" unixgroup="Domain Admins" rid=512 Can't lookup UNIX group Domain Admins Is there something with initial compiling samba 3.0.0 that would disable this? All the documentation that I've seen makes it look so

the weirdness continues net groupmap modify ntgroup="Domain Admins" unixgroup="ntadmin" NT Group Domain Admins doesn't exist in mapping DB --- On Mon 01/26, John H. < mrmailer@myway.com > wrote: From: John H. [mailto: mrmailer@myway.com] To: samba@lists.samba.org Date: Mon, 26 Jan 2004 17:40:49 -0500 (EST) Subject: Re: [Samba] net:

Hello, I have a test environment with 1 windows 2000 AD domain pdc ( mixed mode install ), 1 linux server ( to become pdc ) and a win xp box to test logon when the migration was completed. The problem is no matter what I try after the migration the win xp's logonserver = windows server not linux server. I have no idea what is going on here. I've listed the process for migration