what says getent group ? greez
Pierre-Francois LAURAND wrote:
Hi, I'am experimenting an error on a Samba 3.0.20 pdc with ldap backend : When I have a try with the MS Win2k ACL editor to change a file permissions located on a Samba share, I can add or suppress domain users related acls, but with group related acls, an error occurs : MS Editor correctly shows the group SID, but cannot map the SID with the associated group name. smbd.log gives : [2006/01/20 10:07:27, 0, effective(6238, 2648), real(6238, 0)] rpc_server/srv_samr.c:api_samr_query_usergroups(520) api_samr_query_usergroups: unable to marshall SAMR_R_QUERY_USERGROUPS. [2006/01/20 10:07:27, 0, effective(6238, 2648), real(6238, 0)] rpc_server/srv_pipe.c:api_rpcTNP(1572) api_rpcTNP: samr: SAMR_QUERY_USERGROUPS failed. Note that "net groupmap list" just work and list the correct mapping between the sambaSID and the corresponding user groups registered in the dit. Relevant part of smb.conf : [global] workgroup = MYDOMAIN interfaces = lo0, em1 security = user enable privileges = yes username map = /usr/local/etc/smbusers.map log file = /var/log/samba/smb.log debug uid = Yes domain logons = Yes os level = 255 preferred master = Yes domain master = Yes passdb backend = ldapsam:ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap admin dn = cn=samba,ou=serviceAccounts,o=myorg ldap suffix = o=myorg ldap machine suffix = ou=computers ldap user suffix = ou=users ldap group suffix = ou=groups [Public] path = /export/public/%G read only = No create mask = 0755 directory mask = 0775 force user = %U Thanks for your help,
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
