Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[Samba] New Samba GroupMapping

5 views
Skip to first unread message

CAT

unread,
Sep 15, 2006, 7:00:18 AM9/15/06
to
Hello List,


In my logfile I found:

Sep 11 18:40:58 gateway smbd[92133]: [2006/09/11 18:40:58, 0] auth/auth_util.c:create_builtin_administrators(785)
Sep 11 18:40:58 gateway smbd[92133]: create_builtin_administrators: Failed to create Administrators
Sep 11 18:40:58 gateway smbd[92133]: [2006/09/11 18:40:58, 0] auth/auth_util.c:create_builtin_users(751)
Sep 11 18:40:58 gateway smbd[92133]: create_builtin_users: Failed to create Users


Someone gave me the advice to read 'WhatsNEW'!


Group Mapping Changes
=====================

The default mapping entries for groups such as "Domain Admins" are
no longer created when using an smbpasswd file or a tdbsam passdb
backend. This means that it is necessary to use 'net groupmap
add' rather than 'net groupmap modify' to set these entries.
This change has no effect on winbindd's IDmap functionality for
domain groups.

What does that means?
The default mapping entries were now made only whenn using LDAP?
It is not a problem to create the entries by hand or script but it would
be usefull
having a table with the sid key's or am i wrong?

Another Problem ist getting the usersidlist.

# net usersidlist
[2006/09/14 12:30:00, 0] utils/net_rpc.c:net_usersidlist(4716)
Could not get the user/sid list

Why? I foudn no answer in the web.


Thnx

regards

CAT

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

Felipe Augusto van de Wiel

unread,
Sep 18, 2006, 9:30:24 AM9/18/06
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/14/2006 07:29 AM, CAT escreveu:
> Hello List,
> In my logfile I found:
> Sep 11 18:40:58 gateway smbd[92133]: [2006/09/11 18:40:58, 0]
> auth/auth_util.c:create_builtin_administrators(785)
> Sep 11 18:40:58 gateway smbd[92133]: create_builtin_administrators:
> Failed to create Administrators
> Sep 11 18:40:58 gateway smbd[92133]: [2006/09/11 18:40:58, 0]
> auth/auth_util.c:create_builtin_users(751)
> Sep 11 18:40:58 gateway smbd[92133]: create_builtin_users: Failed to
> create Users
>
> Someone gave me the advice to read 'WhatsNEW'!
> Group Mapping Changes

[...]

> What does that means?
> The default mapping entries were now made only whenn using LDAP?
> It is not a problem to create the entries by hand or script but it would
> be usefull
> having a table with the sid key's or am i wrong?

No, it means that the entry is not automatically created
anymore, so you need to 'net groupmap add' instead of 'net
groupmap modify'.


> Another Problem ist getting the usersidlist.
>
> # net usersidlist
> [2006/09/14 12:30:00, 0] utils/net_rpc.c:net_usersidlist(4716)
> Could not get the user/sid list
>
> Why? I foudn no answer in the web.

Hmmm... that's strange, maybe you had problems with your
migration or something like that. We will need your smb.conf and
you should check it with 'testparm -v'.

> Thnx
> regards
> CAT

Kind regards,

- --
Felipe Augusto van de Wiel <fel...@paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFFDp1dCj65ZxU4gPQRAuFJAKDCybqFAw4Ue6xSWWXZYrcpaipYowCfQXgu
7Ve85yKIHqHACCMB2Aetf64=
=0Hpj
-----END PGP SIGNATURE-----

Gerald (Jerry) Carter

unread,
Sep 18, 2006, 12:00:14 PM9/18/06
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CAT wrote:
> Hello List,
>
>
> In my logfile I found:
>
> Sep 11 18:40:58 gateway smbd[92133]: [2006/09/11 18:40:58, 0]
> auth/auth_util.c:create_builtin_administrators(785)
> Sep 11 18:40:58 gateway smbd[92133]: create_builtin_administrators:
> Failed to create Administrators
> Sep 11 18:40:58 gateway smbd[92133]: [2006/09/11 18:40:58, 0]
> auth/auth_util.c:create_builtin_users(751)
> Sep 11 18:40:58 gateway smbd[92133]: create_builtin_users: Failed to
> create Users

These are bogus error messages if you are using an
idmap backend other than tdb or ldap. I've raised the
log level in the next release.

>
>
> Group Mapping Changes
> =====================
>
> The default mapping entries for groups such as "Domain Admins" are
> no longer created when using an smbpasswd file or a tdbsam passdb
> backend. This means that it is necessary to use 'net groupmap
> add' rather than 'net groupmap modify' to set these entries. This
> change has no effect on winbindd's IDmap functionality for
> domain groups.
>
> What does that means?

It means that we don't create the those SID -> -1 entries
in group_mapping.tdb anymore by default. the ldapsam
backend has always worked this way.

> # net usersidlist
> [2006/09/14 12:30:00, 0] utils/net_rpc.c:net_usersidlist(4716)
> Could not get the user/sid list
>
> Why? I foudn no answer in the web.


ERRnotenoughinfo


cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFDeNIIR7qMdg1EfYRAjNWAJ0S39SQ+vqkK8NL6Fs8tYwTZq3bEwCgxcSZ
VZE/QJpzy7tgxwpiR6SxuiU=
=1VGm
-----END PGP SIGNATURE-----

0 new messages