John, > Anyway, I am here. When trying to join a domain with the administrator > account I get "no mapping between account name and security ID's was done" > And the joining fails... > > All the needed files are attached, from the ldap log. to the samba.conf > to the ldifs of the machine, root and admin account. > Trying with the root account nets me the same error > > in smbusers I noticed an entry i never made > > root = administrator > > software versions: > > [EMAIL PROTECTED] openldap-data]# rpm -qa |grep samba > samba-3.0.11-1 > samba-swat-3.0.11-1 > samba-client-3.0.11-1 > samba-common-3.0.11-1 > > I am assumine the rpm or something else made that mapping. I dunno...
This entry is normal, I believe. But according to you smb.conf file, you aren't using the username map parameter, so the fact the file is their shouldn't matter. > net groupmap list > > Engineering (S-1-5-21-1391849139-953726148-1374988380-9005) -> Engineering > Staff (S-1-5-21-1391849139-953726148-1374988380-9003) -> Staff > Sales (S-1-5-21-1391849139-953726148-1374988380-9007) -> Sales > Administration (S-1-5-21-1391849139-953726148-1374988380-9009) -> > Administration > Domain Admins (S-1-5-21-3107161993-1039155829-3332455197-512) -> > Domain Admins > Domain Users (S-1-5-21-3107161993-1039155829-3332455197-513) -> > Domain Users > Domain Guests (S-1-5-21-3107161993-1039155829-3332455197-514) -> > Domain Guests > Domain Computers (S-1-5-21-3107161993-1039155829-3332455197-515) > -> Domain Computers > Administrators (S-1-5-32-544) -> Administrators > Print Operators (S-1-5-32-550) -> Print Operators > Backup Operators (S-1-5-32-551) -> Backup Operators > Replicators (S-1-5-32-552) -> Replicators I don't know if this will help you with your problem or not. I'm very new to Samba but you will notice that you group SIDs aren't consistent. My guess is that this could be causing someone of your problems. You could try: net getlocalsid to find out what your SID is supposed to be. Then verify that you have set that correctyl in your smbldap.conf file for the Idealx tools. > ldap suffix = o=ventusnetworks.com,dc=na > ldap filter = (&(uid=%u)(objectclass=sambaSamAccount)) > ldap machine suffix = ou=Computers > ldap user suffix = ou=Staff > ldap group suffix = ou=Groups > ldap admin dn = "cn=Manager,dc=na" Also, I am a newbie to LDAP too but shouldn't your suffixes be the full DN. For example, instead of ldap machine suffix = ou=Computers shouldn't it be ldap machine suffix = ou=Computers,o=vertusnetworks.com,dc=na or whatever you DN is? Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba