On Fri, Jan 30, 2009 at 10:27 AM, Jeremy Allison <[email protected]> wrote: > On Fri, Jan 30, 2009 at 12:13:45AM -0800, Ray Klassen wrote: >> I have a network of about 100+ users with a Samba 3.0.25 server with >> an LDAP backend that I configured myself (with some help). Recently I >> have had to add about 300 more users to my system and now I need to >> get a slightly less technical person to help me manage the accounts. >> I've been happily using smbldap-tools all of this time, but when I >> showed what I do to my hapless trainee, her eyes started to glaze >> over. So as an alternative I'd like to start using the 'User Manager >> for Domains' in the SRVTOOLS.EXE archive. She might find the point and >> click of it all more friendly. Only thing is, when I start up User >> Manager, I can see all the users, but I can't see the groups. So I did >> a bit of checking and found that nowhere are those available as a >> list. Not even 'net rpc group list' will give me a list, even though >> if I add someone to my Domain Admins group everything works correctly. >> At the windows workstation end I can access the groups by name, to set >> the permissions of a share to certain group, etc. but I can't list >> them as I can the users.I've checked all the files... >> smb.conf,ldap.conf,slapd.conf,smbldap.conf and the Groups directive >> matches up with the right ldap 'ou' and so on. Has anyone any >> pointers? > > There was a bug in earlier versions of the smbldap-tools > that creates groups with the wrong sid-type. I'd suggest > upgrading to 3.0.34 (latest 3.0.x release) and then ensuring > the group-type is changed in your LDAP db (I think it should be > type 5, rather than type 4 but this could be the other way > around :-). > > Jeremy. >
3.0.34 is now installed. no change. 'net rpc list groups' returns nothing, while 'net rpc group members <group>' returns the correct data tried changing the group type on a few groups. no change in behavior there. cleaned up some error messages in my slapd.log where I assume samba was requesting indexes from slapd.log. just told slap.conf to index those attributes and the messages went away. Upping the loglevel in slapd.conf... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
