On Fri, 2006-03-17 at 16:14 -0500, Daniel Tousignant wrote: > Craig White <[EMAIL PROTECTED]> a écrit: > >On Fri, 2006-03-17 at 15:08 -0500, Daniel Tousignant wrote: > >> The objectclass sambaSAMAccount and subsequent fields have been > >> created. We are using the standard perl script tools that are installed > >> with > >> the mandriva 2006 distro (samba 3.0.13 and openldap 2.3.6). > >> What I really do not understand is that if I put a user in the standard > >> ldap > >> group "Domain Admins" (gid=512), the user is able to logon to the > >domain, > >> but not > >> when it is in the "Domain Users" group (gid=513). What is the big > >> difference for Samba > >> between the two's ? Can it be an ACL problems ? > >---- > >not very likely to be an ACL problem. > > > >net groupmap list|grep Domain > > Domain Users (S-1-5-21-3194588850-3670737847-3710085093-513) -> Domain > Users > Domain Guests (S-1-5-21-3194588850-3670737847-3710085093-514) -> Domain > Guests > Domain Admins (S-1-5-21-3194588850-3670737847-3710085093-512) -> Domain > Admins > Domain Machines (S-1-5-21-3194588850-3670737847-3710085093-515) -> Domain > Machines > > > > > >net getlocalsid > > [2006/03/17 16:09:20, 0] utils/net.c:net_getlocalsid(494) > Can't fetch domain SID for name: HIPPOLYTE ---- this is a MAJOR problem...it should look like
dn: sambaDomainName=EXAMPLE,dc=example,dc=net sambaAlgorithmicRidBase: 1000 structuralObjectClass: sambaDomain objectClass: sambaDomain objectClass: sambaUnixIdPool sambaSID: S-1-5-21-89274850-471284788-6498272 sambaDomainName: EXAMPLE gidNumber: 1021 uidNumber: 1095 and should have been created either by hand or by idealx 'populate' script if you followed someones directions somewhere. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
