wiped out your post cause something went wrong with your line wrapping, it would have been a pain to read. Sorry for that.
To give you some Information. A typical user entry in LDAP looks like this:
# pkoelle, Users, samba, nil.b17 dn: uid=pkoelle,ou=Users,ou=samba,dc=nil,dc=b17 uid: pkoelle sambaSID: S-1-5-21-1363009748-3475195204-773963872-3000 displayName: pkoelle sambaAcctFlags: [U ] objectClass: sambaSamAccount objectClass: account objectClass: top sambaPrimaryGroupSID: S-1-5-21-1363009748-3475195204-773963872-512 sambaNTPassword: xxxxxxxxxxxxxxx sambaLMPassword: xxxxxxxxxxxxxx sambaPwdCanChange: 1065274530 sambaPwdLastSet: 1065274530 sambaPwdMustChange: 1067088930
Note that this are only (and not all) samba attributes and objectclasses, there have to be a corresponding posixAccount somewhere in the DIT accessible by getent().
And a group:
# NTdomadms, groups, samba, nil.b17 dn: cn=NTdomadms,ou=groups,ou=samba,dc=nil,dc=b17 objectClass: posixGroup objectClass: top objectClass: sambaGroupMapping cn: NTdomadms gidNumber: 10008 sambaSID: S-1-5-21-1363009748-3475195204-773963872-512 sambaGroupType: 2 displayName: Domain Administrators memberUid: NTadmin memberUid: pkoelle
This is basically a normal posixGroup, augmented by the sambaGroupmapping attributes sambaSID, sambaGroupType and displayName. Note that the SID is set to the "well known SID" of "Domain Administrators" group. You may use the "net groupmap" set of commands to get this mapping or populate your DIT from appropriate LDIF's.
It would be helpful to see the ldap related lines of your smb.conf, and a few error messages (from net groupmap) or logs.
hth Paul
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
