-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > On 08/28/2006 09:49 AM, Diarmuid Bourke escreveu: > > Hi, > > Our Samba Groups appear to have vanished. > > > > I've verified this by trying, "net group /domain" in windows and it > > returns no results. Trying "net rpc group -S nuada" on our master server > > returns nothing either. > > "net rpc info" on both our master and backup return > > > > Domain Name: DIAS > > Domain SID: S-1-5-21-463069746-3761697030-3888642000 > > Sequence number: 1156762378 > > Num users: 63 > > Num domain groups: 0 > > Num local groups: 0
> Try improve the debuglevel (-d) when using net, it could > reveal some nice information to help you out (and also help the > rest of us to help you). :-) Heres the output of "net rpc group list -d3 -S nuada" using debug - ------------------------------ [2006/08/31 10:26:57, 3] param/loadparm.c:lp_load(4207) lp_load: refreshing parameters [2006/08/31 10:26:57, 3] param/loadparm.c:init_globals(1393) Initialising global parameters [2006/08/31 10:26:57, 3] param/params.c:pm_process(574) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2006/08/31 10:26:57, 3] param/loadparm.c:do_section(3662) Processing section "[global]" [2006/08/31 10:26:57, 2] lib/interface.c:add_interface(81) added interface ip=160.6.1.26 bcast=160.6.1.255 nmask=255.255.255.0 [2006/08/31 10:26:57, 3] libsmb/namequery.c:resolve_lmhosts(855) resolve_lmhosts: Attempting lmhosts lookup for name nuada<0x20> [2006/08/31 10:26:57, 3] libsmb/namequery.c:resolve_wins(752) resolve_wins: Attempting wins lookup for name nuada<0x20> [2006/08/31 10:26:57, 3] libsmb/namequery.c:resolve_wins(755) resolve_wins: WINS server resolution selected and no WINS servers listed. [2006/08/31 10:26:57, 3] libsmb/namequery.c:resolve_hosts(917) resolve_hosts: Attempting host lookup for name nuada<0x20> Password: [2006/08/31 10:27:02, 3] libsmb/cliconnect.c:cli_start_connection(1389) Connecting to host=nuada [2006/08/31 10:27:02, 3] lib/util_sock.c:open_socket_out(870) Connecting to 160.6.1.102 at port 445 [2006/08/31 10:27:02, 3] libsmb/cliconnect.c:cli_session_setup_spnego(710) Doing spnego session setup (blob length=58) [2006/08/31 10:27:02, 3] libsmb/cliconnect.c:cli_session_setup_spnego(735) got OID=1 3 6 1 4 1 311 2 2 10 [2006/08/31 10:27:02, 3] libsmb/cliconnect.c:cli_session_setup_spnego(744) got principal=NONE [2006/08/31 10:27:02, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(929) Got challenge flags: [2006/08/31 10:27:02, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63) Got NTLMSSP neg_flags=0x60890215 [2006/08/31 10:27:02, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(951) NTLMSSP: Set final flags: [2006/08/31 10:27:02, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63) Got NTLMSSP neg_flags=0x60080215 [2006/08/31 10:27:02, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(338) NTLMSSP Sign/Seal - Initialising with flags: [2006/08/31 10:27:02, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63) Got NTLMSSP neg_flags=0x60080215 [2006/08/31 10:27:03, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine nuada pipe \lsarpc fnum 0x7624 bind request returned ok. [2006/08/31 10:27:03, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine nuada pipe \samr fnum 0x7625 bind request returned ok. [2006/08/31 10:27:03, 2] utils/net.c:main(878) return code = 0 - ----------------------- and for "net rpc info -d3 -S nuada" - ----------------------------- [2006/08/31 10:28:27, 3] param/loadparm.c:lp_load(4207) lp_load: refreshing parameters [2006/08/31 10:28:27, 3] param/loadparm.c:init_globals(1393) Initialising global parameters [2006/08/31 10:28:27, 3] param/params.c:pm_process(574) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2006/08/31 10:28:27, 3] param/loadparm.c:do_section(3662) Processing section "[global]" [2006/08/31 10:28:27, 2] lib/interface.c:add_interface(81) added interface ip=160.6.1.26 bcast=160.6.1.255 nmask=255.255.255.0 [2006/08/31 10:28:27, 3] libsmb/namequery.c:resolve_lmhosts(855) resolve_lmhosts: Attempting lmhosts lookup for name nuada<0x20> [2006/08/31 10:28:27, 3] libsmb/namequery.c:resolve_wins(752) resolve_wins: Attempting wins lookup for name nuada<0x20> [2006/08/31 10:28:27, 3] libsmb/namequery.c:resolve_wins(755) resolve_wins: WINS server resolution selected and no WINS servers listed. [2006/08/31 10:28:27, 3] libsmb/namequery.c:resolve_hosts(917) resolve_hosts: Attempting host lookup for name nuada<0x20> [2006/08/31 10:28:27, 3] libsmb/cliconnect.c:cli_start_connection(1389) Connecting to host=nuada [2006/08/31 10:28:27, 3] lib/util_sock.c:open_socket_out(870) Connecting to 160.6.1.102 at port 445 [2006/08/31 10:28:28, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine nuada pipe \lsarpc fnum 0x76f4 bind request returned ok. [2006/08/31 10:28:28, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine nuada pipe \samr fnum 0x76f5 bind request returned ok. Domain Name: DIAS Domain SID: S-1-5-21-463069746-3761697030-3888642000 Sequence number: 1157016508 Num users: 63 Num domain groups: 0 Num local groups: 0 [2006/08/31 10:28:28, 2] utils/net.c:main(878) return code = 0 - ------------------------------- > > Groups used work until recently and they exist in our ldap database. We > > have a primary domain controller with the master ldap database on it and > > a backup domain controller with a slave ldap database on it. Our version > > of samba is Version 3.0.23 and openldap is 2.3.24 > Any special event between it working and non-working > status? Maybe a power failure, disk failure, system upgrade, > LDAP changes, anything... There was a recompile of OpenLDAP (with the same compile switches as previous) and the associated applications (nss_ldap, lookupd). > > and below are the relevant sections of smb.conf from our PDC [...] > > Trying an ldapsearch to show groups exist in ldap returns.. > > > > ldapsearch -x -b cn=geotech,ou=group,dc=cp,dc=dias,dc=ie > > *snip* > So, as I understood, the group *is* there. :-) Yes but samba isn't seeing them.. :-( > Could you try to check 'net groupmap' man page > section, it perhaps could give you more info (do not forget > about the debuglevel). Here is "net groupmap list -S nuada -d3" - ---------------------- [2006/08/31 11:01:54, 3] param/loadparm.c:lp_load(4207) lp_load: refreshing parameters [2006/08/31 11:01:54, 3] param/loadparm.c:init_globals(1393) Initialising global parameters [2006/08/31 11:01:54, 3] param/params.c:pm_process(574) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2006/08/31 11:01:54, 3] param/loadparm.c:do_section(3662) Processing section "[global]" [2006/08/31 11:01:54, 2] lib/interface.c:add_interface(81) added interface ip=160.6.1.26 bcast=160.6.1.255 nmask=255.255.255.0 System Operators (S-1-5-32-549) -> -1 Replicators (S-1-5-32-552) -> -1 Guests (S-1-5-32-546) -> -1 Domain Admins (S-1-5-21-1935741066-3473949400-2852468943-512) -> -1 Domain Guests (S-1-5-21-1935741066-3473949400-2852468943-514) -> -1 Power Users (S-1-5-32-547) -> -1 Print Operators (S-1-5-32-550) -> -1 Administrators (S-1-5-32-544) -> -1 Account Operators (S-1-5-32-548) -> -1 Domain Users (S-1-5-21-1935741066-3473949400-2852468943-513) -> -1 Backup Operators (S-1-5-32-551) -> -1 Users (S-1-5-32-545) -> -1 [2006/08/31 11:01:54, 2] utils/net.c:main(878) return code = 0 - -------------------------- *snip* > Hope this helps. > Kind regards, *snip* Thanks again, Diarmuid. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE9rRm3VcUOgGPPMMRAlY+AJ9gIqSG13b7OyD7Sowoia6KdlmWWQCgzYgn AXDv25R64ACy3hdeoUuWr6g= =lfeT -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba