Re: [Samba] Samba + LDAP error in windows xp while ACL
184-2ubuntu2 Pluggable Authentication Module allowing LDA ii php5-ldap 5.2.4-2ubuntu5.3 LDAP module for php5 ii smbldap-tools 0.9.4-1 Scripts to manage Unix and Samba accounts st r...@sangam:~# dpkg -l | grep acl ii acl 2.2.45-1 Access control list utilities ii libacl1 2.2.45-1 Access control list shared library sys...@sangam:~$ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=8.04 DISTRIB_CODENAME=hardy DISTRIB_DESCRIPTION="Ubuntu 8.04.1" any logs you from me ? C U Next Mail Raj Take Care HAVE A NICE DAY Mobile : 98418 78056 Office No : 044- 28285571, 512 , 575 Office No : 044- 30212881 --- On Tue, 17/11/09, vishesh kumar wrote: From: vishesh kumar Subject: Re: [Samba] Samba + LDAP error in windows xp while ACL To: "D.Rajan" Cc: samba@lists.samba.org Date: Tuesday, 17 November, 2009, 3:09 PM Dear rajan Did you set ldap admin password for samba by using following command. root#smbpasswd -w By the way you can also use pdbedit -Lv command to ensure samba is communicating to ldap properly. Thanks On Tue, Nov 17, 2009 at 10:55 AM, D.Rajan wrote: Dear All, What the files i need to be check to solve the problem. i am having PDC & BDC r...@sangam:/var/log/samba# net getlocalsid SID for domain SANGAM is: S-1-5-21-4020846335-601350461-1468625926 r...@vaigai:~# net getlocalsid SID for domain VAIGAI is: S-1-5-21-4020846335-601350461-1468625926 Error while ACL from windows XP: ys...@sangam:/var/log/samba$ tailf log.kh-sys-02635 [2009/11/16 19:12:43, 0] printing/print_cups.c:cups_connect(69) Unable to connect to CUPS server localhost:631 - Connection refused [2009/11/17 09:32:28, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 09:32:32, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 09:32:49, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 09:32:49, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 10:26:38, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 10:27:03, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 10:27:29, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) create_canon_ace_lists: unable to map SID S-1-5-21-4020846335-601350461-1468625926-3174 to uid or gid. As per your instruction i convert one systems from our domain to workgroup and restart the system and once again i convert to my domain, eventhough i am not able to give permission from my system. 1. In My client Xp system what i want to check regarding SID infomation ? 2. How to solve the "unable to map SID" error in server. I am having more than 2500 client system. C U Next Mail Raj Take Care HAVE A NICE DAY --- On Sun, 8/11/09, D.Rajan wrote: From: D.Rajan Subject: Samba + LDAP error in windows xp while ACL To: samba@lists.samba.org Date: Sunday, 8 November, 2009, 6:08 PM Dear all, I am using Samba + PDC LDAP in a single server. From last month onward i am facing problem When I set manualy the acl (setfacl -m g:group:rwx the_file) It's ok, the other domain member see the ACL But when I set the acl with a Windows Workstation, that's don't work it gives the furnished error : sys...@sangam:/var/log/samba$ tailf log.r-sys-03703 [2009/11/08 17:54:05, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:09, 0] passdb/pdb_ldap.c:ldapuser2displayentry(4211) sid S-1-5-21-3986255151-1643105893-2919334401-3002 does not belong to our domain . . . [2009/11/08 17:54:15, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:17, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) create_canon_ace_lists: unable to map SID S-1-5-21-4020846335-601350461-1468625926-27594 to uid or gid. C U Next Mail Raj Take Care HAVE A NICE DAY The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- http://linuxinterviews.blogspot.com The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba + LDAP error in windows xp while ACL
Dear rajan Did you set ldap admin password for samba by using following command. root#smbpasswd -w By the way you can also use *pdbedit -Lv* command to ensure samba is communicating to ldap properly. Thanks On Tue, Nov 17, 2009 at 10:55 AM, D.Rajan wrote: > Dear All, > >What the files i need to be check to solve the problem. i am having > PDC & BDC > > r...@sangam:/var/log/samba# net getlocalsid > SID for domain SANGAM is: S-1-5-21-4020846335-601350461-1468625926 > > r...@vaigai:~# net getlocalsid > SID for domain VAIGAI is: S-1-5-21-4020846335-601350461-1468625926 > > Error while ACL from windows XP: > > > ys...@sangam:/var/log/samba$ tailf log.kh-sys-02635 > [2009/11/16 19:12:43, 0] printing/print_cups.c:cups_connect(69) > Unable to connect to CUPS server localhost:631 - Connection refused > [2009/11/17 09:32:28, 0] auth/auth_util.c:create_builtin_users(758) > create_builtin_users: Failed to create Users > [2009/11/17 09:32:32, 0] auth/auth_util.c:create_builtin_users(758) > create_builtin_users: Failed to create Users > [2009/11/17 09:32:49, 0] auth/auth_util.c:create_builtin_users(758) > create_builtin_users: Failed to create Users > [2009/11/17 09:32:49, 0] auth/auth_util.c:create_builtin_users(758) > create_builtin_users: Failed to create Users > [2009/11/17 10:26:38, 0] auth/auth_util.c:create_builtin_users(758) > create_builtin_users: Failed to create Users > [2009/11/17 10:27:03, 0] auth/auth_util.c:create_builtin_users(758) > create_builtin_users: Failed to create Users > [2009/11/17 10:27:29, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) > create_canon_ace_lists: unable to map SID > S-1-5-21-4020846335-601350461-1468625926-3174 to uid or gid. > > As per your instruction i convert one systems from our domain to workgroup > and restart the system and once again i convert to my domain, eventhough i > am not able to give permission from my system. > > 1. In My client Xp system what i want to check regarding SID infomation ? > 2. How to solve the "unable to map SID" error in server. > > I am having more than 2500 client system. > > C U Next Mail > Raj > > Take Care > HAVE A NICE DAY > > > --- On Sun, 8/11/09, D.Rajan wrote: > > > From: D.Rajan > Subject: Samba + LDAP error in windows xp while ACL > To: samba@lists.samba.org > Date: Sunday, 8 November, 2009, 6:08 PM > > > > > > > > Dear all, > > I am using Samba + PDC LDAP in a single server. From last month onward i > am facing problem > When I set manualy the acl (setfacl -m g:group:rwx the_file) > It's ok, the other domain member see the ACL > > But when I set the acl with a Windows Workstation, that's don't work it > gives the furnished error : > > sys...@sangam:/var/log/samba$ tailf log.r-sys-03703 > > [2009/11/08 17:54:05, 0] auth/auth_util.c:create_builtin_users(758) > create_builtin_users: Failed to create Users > [2009/11/08 17:54:09, 0] passdb/pdb_ldap.c:ldapuser2displayentry(4211) > sid S-1-5-21-3986255151-1643105893-2919334401-3002 does not belong to our > domain > . > . > . > [2009/11/08 17:54:15, 0] auth/auth_util.c:create_builtin_users(758) > create_builtin_users: Failed to create Users > [2009/11/08 17:54:17, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) > create_canon_ace_lists: unable to map SID > S-1-5-21-4020846335-601350461-1468625926-27594 to uid or gid. > > > > > > > > C U Next Mail > Raj > > Take Care > HAVE A NICE DAY > > > > The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. > > > The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. > http://in.yahoo.com/ > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- http://linuxinterviews.blogspot.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba + LDAP error in windows xp while ACL
Dear All, What the files i need to be check to solve the problem. i am having PDC & BDC r...@sangam:/var/log/samba# net getlocalsid SID for domain SANGAM is: S-1-5-21-4020846335-601350461-1468625926 r...@vaigai:~# net getlocalsid SID for domain VAIGAI is: S-1-5-21-4020846335-601350461-1468625926 Error while ACL from windows XP: ys...@sangam:/var/log/samba$ tailf log.kh-sys-02635 [2009/11/16 19:12:43, 0] printing/print_cups.c:cups_connect(69) Unable to connect to CUPS server localhost:631 - Connection refused [2009/11/17 09:32:28, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 09:32:32, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 09:32:49, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 09:32:49, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 10:26:38, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 10:27:03, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/17 10:27:29, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) create_canon_ace_lists: unable to map SID S-1-5-21-4020846335-601350461-1468625926-3174 to uid or gid. As per your instruction i convert one systems from our domain to workgroup and restart the system and once again i convert to my domain, eventhough i am not able to give permission from my system. 1. In My client Xp system what i want to check regarding SID infomation ? 2. How to solve the "unable to map SID" error in server. I am having more than 2500 client system. C U Next Mail Raj Take Care HAVE A NICE DAY --- On Sun, 8/11/09, D.Rajan wrote: From: D.Rajan Subject: Samba + LDAP error in windows xp while ACL To: samba@lists.samba.org Date: Sunday, 8 November, 2009, 6:08 PM Dear all, I am using Samba + PDC LDAP in a single server. From last month onward i am facing problem When I set manualy the acl (setfacl -m g:group:rwx the_file) It's ok, the other domain member see the ACL But when I set the acl with a Windows Workstation, that's don't work it gives the furnished error : sys...@sangam:/var/log/samba$ tailf log.r-sys-03703 [2009/11/08 17:54:05, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:09, 0] passdb/pdb_ldap.c:ldapuser2displayentry(4211) sid S-1-5-21-3986255151-1643105893-2919334401-3002 does not belong to our domain . . . [2009/11/08 17:54:15, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:17, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) create_canon_ace_lists: unable to map SID S-1-5-21-4020846335-601350461-1468625926-27594 to uid or gid. C U Next Mail Raj Take Care HAVE A NICE DAY The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba + LDAP error in windows xp while ACL
Did this use to work OK? It sounds like samba is not properly mapping YOURDOMAIN\username in Windows to the underlying unix account.Do you create the unix accounts first or does samba automatically create them? Either way, I think your LDAP entry for each user should include the unix uid number as well as the samba sid. What happens if you type "wbinfo -s SID S-1-5-21-4020846335-601350461-1468625926-27594?" Also, if I am reading this correctly, the log files seem to indicate two domains are involved here- *-3986255151-* and *-4020846335-* I have had problems getting the SID to unix id mapping stuff working properly with member samba servers (not with XP clients.) Can you try removing and rejoining an XP machine to the domain? -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of D.Rajan Sent: Sunday, November 08, 2009 7:39 AM To: samba@lists.samba.org Subject: [Samba] Samba + LDAP error in windows xp while ACL Dear all, I am using Samba + PDC LDAP in a single server. From last month onward i am facing problem When I set manualy the acl (setfacl -m g:group:rwx the_file) It's ok, the other domain member see the ACL But when I set the acl with a Windows Workstation, that's don't work it gives the furnished error : sys...@sangam:/var/log/samba$ tailf log.r-sys-03703 [2009/11/08 17:54:05, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:09, 0] passdb/pdb_ldap.c:ldapuser2displayentry(4211) sid S-1-5-21-3986255151-1643105893-2919334401-3002 does not belong to our domain . . . [2009/11/08 17:54:15, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:17, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) create_canon_ace_lists: unable to map SID S-1-5-21-4020846335-601350461-1468625926-27594 to uid or gid. C U Next Mail Raj Take Care HAVE A NICE DAY The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba + LDAP error in windows xp while ACL
Dear all, I am using Samba + PDC LDAP in a single server. From last month onward i am facing problem When I set manualy the acl (setfacl -m g:group:rwx the_file) It's ok, the other domain member see the ACL But when I set the acl with a Windows Workstation, that's don't work it gives the furnished error : sys...@sangam:/var/log/samba$ tailf log.r-sys-03703 [2009/11/08 17:54:05, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:09, 0] passdb/pdb_ldap.c:ldapuser2displayentry(4211) sid S-1-5-21-3986255151-1643105893-2919334401-3002 does not belong to our domain . . . [2009/11/08 17:54:15, 0] auth/auth_util.c:create_builtin_users(758) create_builtin_users: Failed to create Users [2009/11/08 17:54:17, 0] smbd/posix_acls.c:create_canon_ace_lists(1438) create_canon_ace_lists: unable to map SID S-1-5-21-4020846335-601350461-1468625926-27594 to uid or gid. C U Next Mail Raj Take Care HAVE A NICE DAY The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba