I'm been playing with the groups and LDAP (passdb backend) and found two problems:
1. When -as local admin in a XP domain member ws-, from the administrative tools (control pannel) I select "add a group" an ldap search is performed, like: > ldapsam_search_one_user: searching > for:[(&(uid=Administrators)(objectclass=sambaAccount))] I have the groups defined in samba-pdc and several maps also: > bin/smbgroupedit -l | grep -A 1 Admin > Administrators > SID : S-1-5-32-544 > -- > Domain Admins > SID : S-1-5-21-298858960-1863792627-3661451959-512 > - and the groups don't be found at all (nor builtin nor defined). Of course, if I provide an user present in the ldap base, is added perfectly. This issue is only with (domain, non-local) groups. 2. After intend to add a new group in XP from the domain, all the database are searched: > base="o=smb,dc=unav,dc=es" scope=2 filter="(&(uid=*)(objectClass=sambaAccount))" > ... and enumerated: > [2002/10/03 00:27:05, 2] passdb/pdb_ldap.c:ldapsam_setsampwent(1218) > ldapsam_setsampwent: 27303 entries in the base! (BTW: I selected "Group" no "Group and users" in the object class to search from XP). Is this a know issue? if so, Some link? Note: the PDC has pam and nsswitch for unix accounting. Thanks, Ignacio -- ____________________________________________________ Ignacio Coupeau, Ph.D. e-mail: [EMAIL PROTECTED] CTI, Director fax: 948 425619 University of Navarra voice: 948 425600 Pamplona, SPAIN http://www.unav.es/cti/
