i'm out of knowledge
[System]
- Samba 3.0 Final - Suse 8.2 - IDMAP Backend = LDAP (Openldap 2.1)
everything works fine
- getent password/group shows all groups from ldap
- in a test machine (XP) all SID's are correctly mapped to users, so i can see DOMAIN\User instead of S-1-5-4-xxxxx-xxxxx-xxx-RID
- logons and so on are working
- granting access to files on XP in tab "security" works with ACL with one exception:
I can't grant access on files for _groups_ (users no problem) !!!!
if i press "admit" or "ok" to store the new permissions everything is reseted
in the logs i see, that samba is searching for the correct SID (S-1-4-21-xxx-xxx-xxx-512 -> DomAdmins) _AND_ for the attribute sambaSamAccount
of course, for a groupsid, which is mapped to a unix-group (groupmap) there's no entry with this search criteria !!!
so samba can't find an entry in LDAP and fails
who uses LDAP and groupmapping and can tell me, how to solve this problem, that i just can grant file-access on ACL-User-Base ???
btw: wbinfo -u $UID correctly maps $UID to $SID, but wbinfo -G $GID returns "did not succeed" ? but net groupmap list shows the correct groupmapping?
thx micha
--
"Matrix - more than a vision"
************************************************** Michael Gasch Max Planck Institute for Evolutionary Anthropology Deutscher Platz 6 04103 Leipzig
Germany **************************************************
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
