-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tom Skeren wrote:
| Well, my Samba 3.0.4 is joined to a w2k AD and works fairly well so far, | as it's not in a production environment yet. I am now testing it for | such a release and have encountered a permission problem. Unless I | chmod -R 777 the Samba share directroy, users can only read files on the | share, including the ADS users in Domain Admins. Reading the Samba | online manual, I figured the groupmap function would solve this. I did | as the manual suggested and got teh following errors: | |> fskkweb# net groupmap add ntgroup="Domain Admins" unixgroup=domadm |> No rid or sid specified, choosing algorithmic mapping
Some users and groups have fixed rid's (i.e. they are the same everywhere). These are all the basic well-known ones like "Guest", "Administrator" etc. If you look you'll find a table of these. Search through "The official samba 3 howto guid and reference".
You need to set the rid for a Domain Admin group. It is 500. net groupmap add rid=500 ntgroup="Domain Admins" unixgroup=domadm
|> [2004/07/09 08:54:36, 0] lib/smbldap.c:fetch_ldap_pw(260) |> fetch_ldap_pw: neither ldap secret retrieved! |> [2004/07/09 08:54:36, 0] lib/smbldap.c:smbldap_connect_system(760) |> ldap_connect_system: Failed to retrieve password from secrets.tdb
You haven't set the password and dn that samba will use to talk to the ldap database with in secrets.tdb file yet. smbpasswd -w [place ldap managers password here]
|> [2004/07/09 08:54:36, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1763) |> ldapsam_search_one_group: Problem during the LDAP search: LDAP error: |> (unknown) (Invalid credentials) |> [2004/07/09 08:54:36, 0] lib/smbldap.c:fetch_ldap_pw(260) |> fetch_ldap_pw: neither ldap secret retrieved! |> [2004/07/09 08:54:36, 0] lib/smbldap.c:smbldap_connect_system(760) |> ldap_connect_system: Failed to retrieve password from secrets.tdb |> [2004/07/09 08:54:36, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1763) |> ldapsam_search_one_group: Problem during the LDAP search: LDAP error: |> (unknown) (Invalid credentials) |> [2004/07/09 08:54:36, 0] lib/smbldap.c:fetch_ldap_pw(260) |> fetch_ldap_pw: neither ldap secret retrieved! |> [2004/07/09 08:54:36, 0] lib/smbldap.c:smbldap_connect_system(760) |> ldap_connect_system: Failed to retrieve password from secrets.tdb |> [2004/07/09 08:54:36, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1763) |> ldapsam_search_one_group: Problem during the LDAP search: LDAP error: |> (unknown) (Invalid credentials) |> [2004/07/09 08:54:36, 0] lib/smbldap.c:fetch_ldap_pw(260) |> fetch_ldap_pw: neither ldap secret retrieved! |> [2004/07/09 08:54:36, 0] lib/smbldap.c:smbldap_connect_system(760) |> ldap_connect_system: Failed to retrieve password from secrets.tdb |> [2004/07/09 08:54:36, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1763) |> ldapsam_search_one_group: Problem during the LDAP search: LDAP error: |> (unknown) (Invalid credentials) |> [2004/07/09 08:54:36, 0] lib/smbldap.c:fetch_ldap_pw(260) |> fetch_ldap_pw: neither ldap secret retrieved! |> adding entry for group Domain Admins failed! |> | This is snipped but the errors repeat over and over for several pages. | Anyone have any thoughts. | | TMS III | | |
- --
- ----------------------------------------------------------------- | I can be reached on the following Instant Messenger services: | |---------------------------------------------------------------| | MSN: [EMAIL PROTECTED] AIM: WyteLi0n ICQ: 123291844 | |---------------------------------------------------------------| | Y!: j_c_llings Jabber: [EMAIL PROTECTED] | - ----------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3-nr1 (Windows XP) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFA7vRe57L0B7uXm9oRAiyxAJ0cYU46ntgPL2OTQldWIklz/Y72LQCffjkX JIzepd5XxJgrgSx5P0/KzRg= =SqED -----END PGP SIGNATURE-----
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
