Stephanie, Thank you for your help. I tryed what you suggest but no luck.. I get this:
[EMAIL PROTECTED]:~# /usr/local/samba/bin/net groupmap add ntgroup="Domain Admins" unixgroup="Domain Admins" rid=512 Can't lookup UNIX group Domain Admins Is there something with initial compiling samba 3.0.0 that would disable this? All the documentation that I've seen makes it look so easy, but I can't get it to work. On Fri, 2003-11-07 at 06:48, [EMAIL PROTECTED] wrote: > try /usr/local/samba/bin/net groupmap add ntgroup="Domain > Admins" unixgroup="Domain Admins" rid=512 > > dn: cn=Domain Admins,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > > This group is the unix group. > > ----------------------------------- > StÃphane PURNELLE [EMAIL PROTECTED] > Service Informatique Corman S.A. Tel : 00 32 087/342467 > > > > > "Kent L. Nasveschuk" <[EMAIL PROTECTED]> > > Envoyà par : Pour : > Samba List Server <[EMAIL PROTECTED]> > [EMAIL PROTECTED] cc : > > .samba.org Objet : > [Samba] Net groupmap fails > > > > > 07/11/2003 12:31 > > > > > > > > > > I have yet to get group mapping to work in samba 3.0. Getting very > frustrated. > > I'm using openldap 2.1.23 as the backend database for samba 3.0.0. I've > added the base domain groups as posixAccounts to the LDAP database using > smbldap-populate.pl. > > [EMAIL PROTECTED]:/usr/local/etc/openldap# ldapsearch -xv -b > "o=30greatneck,dc=home,dc=net" > > # Administrator, Users, 30GreatNeck, home.net > dn: uid=Administrator,ou=Users,o=30GreatNeck,dc=home,dc=net > cn: Administrator > sn: Administrator > objectClass: inetOrgPerson > objectClass: sambaSAMAccount > objectClass: posixAccount > gidNumber: 512 > uid: Administrator > uidNumber: 998 > homeDirectory: /accounts > sambaPwdLastSet: 0 > sambaLogonTime: 0 > sambaLogoffTime: 2147483647 > sambaKickoffTime: 2147483647 > sambaPwdCanChange: 0 > sambaPwdMustChange: 2147483647 > sambaHomePath: \\Lnxsrv2\accounts > sambaHomeDrive: H: > sambaProfilePath: \\Lnxsrv2\profiles\ > sambaPrimaryGroupSID: S-1-5-21-739112995-4084651483-89095900-512 > sambaLMPassword: XXX > sambaNTPassword: XXX > sambaAcctFlags: [U ] > sambaSID: S-1-5-21-739112995-4084651483-89095900-2996 > loginShell: /bin/false > gecos: Netbios Domain Administrator > > > # nobody, Users, 30GreatNeck, home.net > dn: uid=nobody,ou=Users,o=30GreatNeck,dc=home,dc=net > cn: nobody > sn: nobody > objectClass: inetOrgPerson > objectClass: sambaSAMAccount > objectClass: posixAccount > gidNumber: 514 > uid: nobody > uidNumber: 999 > homeDirectory: /dev/null > sambaPwdLastSet: 0 > sambaLogonTime: 0 > sambaLogoffTime: 2147483647 > sambaKickoffTime: 2147483647 > sambaPwdCanChange: 0 > sambaPwdMustChange: 2147483647 > sambaHomePath: \\Lnxsrv2\accounts > sambaHomeDrive: H: > sambaProfilePath: \\Lnxsrv2\profiles\ > sambaPrimaryGroupSID: S-1-5-21-739112995-4084651483-89095900-514 > sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX > sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX > sambaAcctFlags: [NU ] > sambaSID: S-1-5-21-739112995-4084651483-89095900-2998 > loginShell: /bin/false > > # Domain Admins, Groups, 30GreatNeck, home.net > > # Domain Admins, Groups, 30GreatNeck, home.net > dn: cn=Domain Admins,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 512 > cn: Domain Admins > memberUid: Administrator > description: Netbios Domain Administrators (need smb.conf configuration) > > # Domain Users, Groups, 30GreatNeck, home.net > dn: cn=Domain Users,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 513 > cn: Domain Users > description: Netbios Domain Users (not implemented yet) > memberUid: kent > > # Domain Guests, Groups, 30GreatNeck, home.net > dn: cn=Domain Guests,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 514 > cn: Domain Guests > description: Netbios Domain Guests Users (not implemented yet) > > # Administrators, Groups, 30GreatNeck, home.net > dn: cn=Administrators,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 544 > cn: Administrators > description: Netbios Domain Members can fully administer the > computer/sambaDom > ainName (not implemented yet) > > # Users, Groups, 30GreatNeck, home.net > dn: cn=Users,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 545 > cn: Users > description: Netbios Domain Ordinary users (not implemented yet) > > # Guests, Groups, 30GreatNeck, home.net > dn: cn=Guests,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 546 > cn: Guests > memberUid: nobody > description: Netbios Domain Users granted guest access to the > computer/sambaDo > mainName (not implemented yet) > > # Power Users, Groups, 30GreatNeck, home.net > dn: cn=Power Users,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 547 > cn: Power Users > description: Netbios Domain Members can share directories and printers > (not im > plemented yet) > > # Account Operators, Groups, 30GreatNeck, home.net > dn: cn=Account Operators,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 548 > cn: Account Operators > description: Netbios Domain Users to manipulate users accounts (not > implemente > d yet) > > # Server Operators, Groups, 30GreatNeck, home.net > dn: cn=Server Operators,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 549 > cn: Server Operators > description: Netbios Domain Server Operators (need smb.conf > configuration) > > # Print Operators, Groups, 30GreatNeck, home.net > dn: cn=Print Operators,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 550 > cn: Print Operators > description: Netbios Domain Print Operators (need smb.conf > configuration) > > # Backup Operators, Groups, 30GreatNeck, home.net > dn: cn=Backup Operators,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 551 > cn: Backup Operators > description: Netbios Domain Members can bypass file security to back up > files > (not implemented yet) > > # Replicator, Groups, 30GreatNeck, home.net > dn: cn=Replicator,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 552 > cn: Replicator > description: Netbios Domain Supports file replication in a > sambaDomainName (no > t implemented yet) > > # Domain Computers, Groups, 30GreatNeck, home.net > dn: cn=Domain Computers,ou=Groups,o=30GreatNeck,dc=home,dc=net > objectClass: posixGroup > gidNumber: 553 > cn: Domain Computers > description: Netbios Domain Computers accounts > > # 30GREATNECK, 30GreatNeck, home.net > dn: sambaDomainName=30GREATNECK,o=30GreatNeck,dc=home,dc=net > sambaDomainName: 30GREATNECK > sambaSID: S-1-5-21-739112995-4084651483-89095900 > sambaAlgorithmicRidBase: 1000 > objectClass: sambaDomain > > > /usr/local/src# /usr/local/samba/bin/net groupmap add ntgroup="Domain > Admins" unixgroup=root rid=512 > adding entry for group Domain Admins failed! > > /usr/local/samba/bin/net groupmap modify ntgroup="Domain Admins" > unixgroup=root > NT Group Domain Admins doesn't exist in mapping DB > > I also tryed the above > > I know I need to map Domain Admins to root users to be able to create > machine accounts for W2k machines. > > What are some reasons for this to fail? I've read a great deal of > documentation and everything I try fails. > > -- > Kent L. Nasveschuk <[EMAIL PROTECTED]> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > > -- Kent L. Nasveschuk <[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
