Re: [Samba] Still having groupmap problems
Friday, December 19, 2003, 12:02:57 AM, Robert wrote: > Beast wrote: >> >> What's the ldap.log says? >> >> --beast >> > I do not have a /var/log/ldap.log and I don't see any errors in > /var/log/syslog either (This is running on Debian stable). What log > level does slapd need to be set at (and how would one do it? I see > multiple options for logging with slapd)? by default log level is enough (256) using local4 facility. in /etc/syslog.conf make sure you have something like : local4.*-/var/log/ldap.log or run slapd without daemon mode. --beast -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Fwd: [Samba] Still having groupmap problems]
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Robert Rati wrote: | Dec 18 13:35:36 wdselab-a-1-100 net: ldapsam_search_one_group: Problem | during the LDAP search: LDAP error: invalid DN (Invalid DN | syntax)ldapsam_search_one_group: Query was: "ou=Groups","dc=", | (&(objectClass=sambaGroupMapping)(gidNumber=4294967295)) (gdb) print (int)4294967295 $1 = -1 Did you see the other message about not using quotes surrounding the ldap suffixes in smb.conf? cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/4hA0IR7qMdg1EfYRAqHBAKCWdybrn95u0RHol8qVUBKoBtJ6DgCfajBU 3wkZIguo9U1r3NHo78W4+gs= =uOPh -END PGP SIGNATURE- I missed that message. I removed the quotes from my smb.conf file and now I can do a groupmap list (whereas before I couldn't) and groupmap add, so the quotes appear to be the problem. Thanks! Rob -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Fwd: [Samba] Still having groupmap problems]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Robert Rati wrote: | Dec 18 13:35:36 wdselab-a-1-100 net: ldapsam_search_one_group: Problem | during the LDAP search: LDAP error: invalid DN (Invalid DN | syntax)ldapsam_search_one_group: Query was: "ou=Groups","dc=", | (&(objectClass=sambaGroupMapping)(gidNumber=4294967295)) (gdb) print (int)4294967295 $1 = -1 Did you see the other message about not using quotes surrounding the ldap suffixes in smb.conf? cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/4hA0IR7qMdg1EfYRAqHBAKCWdybrn95u0RHol8qVUBKoBtJ6DgCfajBU 3wkZIguo9U1r3NHo78W4+gs= =uOPh -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Fwd: [Samba] Still having groupmap problems]
I turned on debug level 10 (by adding -d 10 to the net command), and I see this over and over again in the syslog: Dec 18 13:35:36 wdselab-a-1-100 net: ldapsam_search_one_group: Problem during the LDAP search: LDAP error: invalid DN (Invalid DN syntax)ldapsam_search_one_group: Query was: "ou=Groups","dc=", (&(objectClass=sambaGroupMapping)(gidNumber=4294967295)) So why is that gidNumber being used? I can't find a way to change this search query in any way. I manually added the objectClass=sambaGroupMapping and it's corresponding entries to my LDAP database before I did this. Would that cause a problem? Rob Original Message ---- Subject: [Samba] Still having groupmap problems Date: Wed, 17 Dec 2003 14:00:19 -0600 From: Robert Rati<[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> I have two samba servers on two separate subnets that are comprising a single domain, and one of the samba servers is also the LDAP server. I've gotten everything configured except that I can't use the groupmap command. When I run: net groupmap add sid=-512 ntgroup="Domain Admins" unixgroup=dom_admin type=domain I get this error over and over again (and increasing the log level via smbcontrol doesn't seem to provide any more information): ldapsam_search_one_group: Problem during the LDAP search: LDAP error: invalid DN (Invalid DN syntax) I also see this message every so often in the syslogs of both samba servers: passdb/pdb_ldap.c:ldapsam_search_one_group(1612) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: invalid DN (Invalid DN syntax)ldapsam_search_one_group: Query was: "ou=Groups","dc=", (&(objectClass=sambaGroupMapping)(gidNumber=65534)) Are the samba servers trying to get group mappings from each other? Is gidNumber=65534 being used because the group mapping isn't setup? Can someone give me any advice on things to try to find the problem with my group map actions? Any help would be appreciated. Rob -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Still having groupmap problems
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Robert Rati wrote: | passdb/pdb_ldap.c:ldapsam_search_one_group(1612) | ldapsam_search_one_group: Problem during the LDAP search: LDAP error: | invalid DN (Invalid DN syntax)ldapsam_search_one_group: Query was: | "ou=Groups","dc=", ~ ^ Just a guess, but don't add quotes around the various LDAP suffixes in smb.conf. - -- cheers, jerry ~ -- ~ Hewlett-Packard- http://www.hp.com ~ SAMBA Team -- http://www.samba.org ~ GnuPG Key http://www.plainjoe.org/gpg_public.asc ~ "If we're adding to the noise, turn off this song" --Switchfoot (2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/4cdjIR7qMdg1EfYRAu53AJ4lZMGXN8dYSQjZYMCoaS63w/xf7ACeJu2E TIOMbTQqO41S6gv36HFeHWI= =NkAz -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Still having groupmap problems
I have two samba servers on two separate subnets that are comprising a single domain, and one of the samba servers is also the LDAP server. I've gotten everything configured except that I can't use the groupmap command. When I run: net groupmap add sid=-512 ntgroup="Domain Admins" unixgroup=dom_admin type=domain I get this error over and over again (and increasing the log level via smbcontrol doesn't seem to provide any more information): ldapsam_search_one_group: Problem during the LDAP search: LDAP error: invalid DN (Invalid DN syntax) I also see this message every so often in the syslogs of both samba servers: passdb/pdb_ldap.c:ldapsam_search_one_group(1612) ldapsam_search_one_group: Problem during the LDAP search: LDAP error: invalid DN (Invalid DN syntax)ldapsam_search_one_group: Query was: "ou=Groups","dc=", (&(objectClass=sambaGroupMapping)(gidNumber=65534)) Are the samba servers trying to get group mappings from each other? Is gidNumber=65534 being used because the group mapping isn't setup? Can someone give me any advice on things to try to find the problem with my group map actions? Any help would be appreciated. Rob -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
