Hello *, i've got a debian samba 3.0alpha23 with ldapsam. my problem is that i can't set directory permissions. i alwasy get access denied.
what i have: svpdc:/etc/samba# smbgroupedit -v params.c:Parameter() - Ignoring badly formed line in configuration file: ldap trust ids NT group (SID) -> Unix group System Operators (S-1-5-32-549) -> -1 Replicators (S-1-5-32-552) -> -1 Guests (S-1-5-32-546) -> -1 kollegstufe (S-1-5-21-3839733233-2759951301-2176690758-3011) -> kollegstufe root (S-1-5-21-3839733233-2759951301-2176690758-1001) -> root Domain Admins (S-1-5-21-3839733233-2759951301-2176690758-512) -> root Domain Guests (S-1-5-21-3839733233-2759951301-2176690758-514) -> -1 Power Users (S-1-5-32-547) -> -1 stundenplan (S-1-5-21-3839733233-2759951301-2176690758-3013) -> stundenplan users (S-1-5-21-1904509300-1595774664-1972565418-1201) -> users Domain Admins (S-1-5-21-1904509300-1595774664-1972565418-512) -> root Domain Guests (S-1-5-21-4168099664-486183441-673156717-514) -> -1 Print Operators (S-1-5-32-550) -> -1 Administrators (S-1-5-32-544) -> -1 Domain Guests (S-1-5-21-1904509300-1595774664-1972565418-514) -> -1 sekretariat (S-1-5-21-3839733233-2759951301-2176690758-3007) -> sekretariat Account Operators (S-1-5-32-548) -> -1 Domain Users (S-1-5-21-3839733233-2759951301-2176690758-513) -> users Backup Operators (S-1-5-32-551) -> -1 direktorat (S-1-5-21-3839733233-2759951301-2176690758-3009) -> direktorat Users (S-1-5-32-545) -> users i'm wondering why some groups are listed more than once. how can i find out which group is actually used and how do i get rid of the unused ones ? i know i can do smbgroupedit -x, but there i can't specify a SID. svpdc:~# pdbedit -v -l root params.c:Parameter() - Ignoring badly formed line in configuration file: ldap trust ids Unix username: root NT username: Account Flags: [U ] User ID/Group ID: 0/0 User SID: S-1-5-21-3839733233-2759951301-2176690758-1000 Primary Group SID: S-1-5-21-3839733233-2759951301-2176690758-1001 Full Name: root Home Directory: \\svpdc\root HomeDir Drive: Logon Script: Profile Path: \\svpdc\root\profile Domain: SVFMG Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Fri, 13 Dec 1901 21:45:51 GMT Kickoff time: Fri, 13 Dec 1901 21:45:51 GMT Password last set: Tue, 10 Jun 2003 16:15:24 GMT Password can change: Tue, 10 Jun 2003 16:15:24 GMT Password must change: Fri, 13 Dec 1901 21:45:51 GMT so user root is not a member of the domain admins. this might be the reason why i get access denied trying to apply direcotry permissions. i though mapping group root to NT Domain Admin should be enough, but it doesn't seem to be. can anybody help me on this issue ?!? thanks a lot Holger Brueckner net-labs Systemhaus GmbH -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
