Thanks, I tried adding that index to my slapd.conf and running slapindex, but it's looking like I'm still stuck in the same spot :(
If I run: */usr/sbin/smbldap-usershow chris* *dn: uid=chris,ou=Users,dc=orgon,dc=com sambaSID: S-1-5-21-3318375643-2463009161-752822123-3028 sambaPrimaryGroupSID: S-1-5-21-3318375643-2463009161-752822123-513* So I know LDAP has the correct domain SID for the sambaSID and sambaPrimaryGroupSID net groupmap list also shows correct SID mappings: *net groupmap list* *Domain Admins (S-1-5-21-3318375643-2463009161-752822123-512) -> Domain Admins Domain Users (S-1-5-21-3318375643-2463009161-752822123-513) -> Domain Users Domain Guests (S-1-5-21-3318375643-2463009161-752822123-514) -> Domain Guests Domain Computers (S-1-5-21-3318375643-2463009161-752822123-515) -> Domain Computers* yet the damned pdbedit shows the incorrect Primary Group Sid: *pdbedit -v chris* * Unix username: chris NT username: chris Account Flags: [U ] User SID: S-1-5-21-3318375643-2463009161-752822123-3028 Primary Group SID: S-1-5-21-3870114210-992129106-2167290520-513* On Wed, Nov 24, 2010 at 12:40 PM, Dale Schroeder < [email protected]> wrote: > Long shot, but see LDAP Changes in > Samba-3.0.23<http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/ChangeNotes.html#id2579275> > just in case. > > Dale > > > On 11/24/2010 8:33 AM, Chris Beach wrote: > > I apologize, I somehow hit send in gmail and my message got prematurely > sent, here it is in it's entirety: > > Hi, > > I'm running 3.0.33-3.29.el5_5.1 .. migrating from 3.0.21a with an LDAP > back-end. I've use slapadd to import the LDIF file I've exported from my > original samba server, but it seems like samba isn't grabbing the Primary > Group SID from the ldif file. For Example: > > dn: uid=chris,ou=Users,dc=orgon, > > dc=com > sambaSID: S-1-5-21-3318375643-2463009161-752822123-3028 > sambaPrimaryGroupSID: *S-1-5-21-3318375643-2463009161-752822123-513* > displayName: Chris > creatorsName: cn=Manager,dc=orgon,dc=com > > I'll import this ldif file, but then when I run: > > pdbedit -v chris > > Unix username: chris > NT username: chris > Account Flags: [U ] > User SID: S-1-5-21-3318375643-2463009161-752822123-3028 > Primary Group SID: *S-1-5-21-3870114210-992129106-2167290520-513* > Full Name: Chris > > Notice how the Primary Group SID is different? > > net getdomainsid > SID for domain HAPPINESS3 is: > S-1-5-21-3870114210-992129106-2167290520 > SID for domain ORGON is: S-1-5-21-3318375643-2463009161-752822123 > > it seems to be using the local SID rather then domain SID from the ldif > file. I've got another server with an older version of samba which DOES use > the primary group SID from the ldif file when imported, I'm not sure if > samba changed how it uses it (seems like it might have from here: > hxxp://www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3323463), > but I can't figure out how to correct it. > > Any help is REALLY appreciated, I've been stuck since last week on this. > > > On Wed, Nov 24, 2010 at 9:28 AM, Chris Beach <[email protected]> > <[email protected]> wrote: > > > Hi, > > I'm running 3.0.33-3.29.el5_5.1 .. migrating from 3.0.21a with an LDAP > back-end. I've use slapadd to import the LDIF file I've exported from my > original samba server, but it seems like samba isn't grabbing the Primary > Group SID from the ldif file. For Example: > > dn: uid=chris,ou=Users,dc=orgon,dc=com > sambaSID: S-1-5-21-3318375643-2463009161-752822123-3028 > sambaPrimaryGroupSID: *S-1-5-21-3318375643-2463009161-752822123-513* > displayName: Chris > creatorsName: cn=Manager,dc=orgon,dc=com > > I'll import this ldif file, but then when I run: > > pdbedit -v chris > > Unix username: chris > NT username: chris > Account Flags: [U ] > User SID: S-1-5-21-3318375643-2463009161-752822122-3028 > Primary Group SID: *S-1-5-21-3870114210-992129106-2167290520-513* > Full Name: Chris > > Notice how the Primary Group SID is different? > > > -- Chris Beach IT Analyst -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
