Matthew Preskett wrote:
Again, this all started after I changed a
username mapping entry from root = DOMAIN\Administrator to root =
@"DOMAIN\Domain Admins". This is in a security = ADS setup. wbinfo -u
and -g return the correct information.
1. Try # getent group
See what that returns....
It returns the correct information
2. Are you using winbind to map users and groups? If so, have you changed the idmap in your smb.conf?
Yes. No - idmap backend = idmap_ad
You might need to clear your
/var/cache/samba/winbindd_cache.tdb
No effect
/var/cache/samba/winbindd_idmap.tdb
restart winbind and smb
Broke getent - retrieved local info only. wbinfo still worked properly.
3. What version of Samba are you using, have you updated it?
3.0.23c debs from samba.org. Upgraded from 3.0.22 a few hours before
the username mapping change broke it all.
4. Try specifying the Domain Admins group in a different way e.g
"+DOMAIN\Domain Admins"
No effect
I maybe barking up the wrong tree, i'm quite new to this....
Hey, at least you tried. I'm getting precious few responses to this
self-induced disaster.
Cheers Matt
Thanks for replying.
Dale
I knew that I did not make any restrictions, so I checked the conf file
and all references to enctype are commented out and left as default.
I must point out that I made the same mapping change on a test machine,
and all went well. Unfortunately, this is the real thing, and users are
clamoring for files and printers.
From the client's perspective, sometimes a login box appears, other
times it says the network no longer exists. Also rejoining the domain
with "net ads join" acts as if the system is totally new to the domain.
I no longer get wording that indicates the system was already a domain
member. Perhaps this is an intentional change?
Thanks for replying.
Dale
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
