I followed the document until I get the following error: #/opt/fedora-ds/slapd-miapogo/ldif2ldap "cn=Directory Manager" fds80000 /tmp/sambaGroups.ldif This command returns: adding new entry cn=Domain Admins,ou=Groups,dc=sefsc,dc=noaa,dc=gov adding new entry cn=Domain Users,ou=Groups,dc=sefsc,dc=noaa,dc=gov adding new entry cn=Domain Guests,ou=Groups,dc=sefsc,dc=noaa,dc=gov adding new entry cn=Domain Computers,ou=Groups,dc=sefsc,dc=noaa,dc=gov I then run the following command: # net groupmap add rid=512 ntgroup='Domain Admins' unixgroup='Domain Admins' This command returns: [2005/08/19 09:48:37, 0] passdb/pdb_ldap.c:ldapsam_add_group_mapping_entry(2330) ldapsam_add_group_mapping_entry: failed to add group 2512 error: Insufficient 'write' privilege to teh 'sambaSID' attribute of entry 'cn=domain admins,ou=groups,dc=sefsc,dc=noaa,dc=gov'. (Insufficient access) adding entry for group Domain Admins failed! I am a novice on this subject and have no idea how to fix it. Please help! Tom Tran ----- Original Message ----- From: <Tom.Tran at noaa.gov> Date: Wednesday, August 17, 2005 3:15 pm Subject: Samba - Fedora-ds Integration (HOWTO:SAMBA) > Hi, > > I have problems with following the instruction in the HOWTO:SAMBA > document. I have RedHat 4.1.18, samba-3.0.10, and > fedora-ds-7.1-2.RHEL4. I don't have ldap or openldap installed > because > I am using fedora-ds > instead. I tested samba and fedora-ds, both seemed to work fine. > I > also made sure that samba's daemons > (smbd, nmbd, winbindd), and fedora-ds were started > > I followed the steps in the HOWTO:SAMBA doc, when I reached the > step "Populating FDS with PDC > Entry" and ran the command: > # net getlocalsid > I got the message: > lib/smbldap.c:smbldap_search_domain_info(1392) > Adding domain info to SEFSC failed with NT_STATUS_UNSUCCESSFUL > SID for domain MIAPOGO is : S-1-5-21-2139381707-154793685- > 3088283579 > Here is my /etc/samba/smb.conf > ------------------------------ > # Global parameters > [global] > workgroup = SEFSC > netbios name = MIAPOGO > server string = Samba %u on (%L) > log file = /var/log/samba/%m.log > max log size = 50 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > printcap name = /etc/printcap > dns proxy = No > idmap uid = 16777216-33554431 > idmap gid = 16777216-33554431 > cups options = raw > > security = user > passdb backend = ldapsam:ldap://miapogo.sefsc.noaa.gov > ldap suffix = dc=sefsc,dc=noaa,dc=gov > ldap user suffix = ou=People > ldap machine suffix = ou=Computers > ldap group suffix = ou=Groups > > os level = 33 > domain logons = yes > domain master = yes > local master = yes > preferred master = yes > > wins support = yes > > logon home = \\%L\%u\profiles > logon path = \\%L\profiles\%u > logon drive = H: > > template shell = /bin/false > winbind use default domain = yes > > [netlogon] > path = /var/lib/samba/netlogon > read only = yes > browseable = no > > [profiles] > path = /var/lib/samba/profiles > read only = no > create mask = 0600 > directory mask = 0700 > > [homes] > comment = Home Directories > read only = No > browseable = No > > [printers] > comment = All Printers > path = /var/spool/samba > printable = Yes > browseable = No > -------------------------- > > Tom Tran > > >
