Hi Simo, > Hi this is my listing: > > net -U administrator rpc group members Administrators > Enter administrator's password: > Couldn't list alias members Your samba server WILL not list the members of this global group, mostly a security issue.
> ldapsearch -xLLL '(&(objectclass=sambaGroupMapping)(sambaGroupType=4) > (sambaSID=S-1-5-32*))' > > ldapsearch -xLLL '(&(objectclass=sambaGroupMapping)(sambaGroupType=4) > (sambaSID=*))' > dn: sambaSID=S-1-5-32-545,ou=Groups,dc=example,dc=sk > objectClass: sambaSidEntry > objectClass: sambaGroupMapping > sambaSID: S-1-5-32-545 > sambaGroupType: 4 > displayName: Users > gidNumber: 10000 > sambaSIDList: S-1-5-21-2390795950-2727105968-4008069955-513 Your LDAP client WILL list the group members. > Do you know what does this mean? The reason is often "wrong configured" smbldap-tools. Check the /etc/smbldap-tools/smbldap.conf file for the wrong SID entry. > > > net getdomainsid > > > SID for local machine HOST is: > > > S-1-5-21-2242576961-186067218-2214866780 SID for domain EXAMPLE > > > is: S-1-5-21-2390795950-2727105968-4008069955 Your server and your domain have different SIDs, that may be is yor problem. Try: # net setlocalsid S-1-5-21-2390795950-2727105968-4008069955 and restart samba. > Thanks. -- regards Harry Jede -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba