Ok, figured it out kinda... or at least got the groupmapping working and thats a relief. The problem was in the smb.conf file which I will include the updated one below. Which leaves me with only two questions: When I run "ldapsearch -x -Z '(uid=testuser)' I get the following error and info: [root@beefylinux slapd-beefylinux]# ldapsearch -x -Z '(uid=testuser)' ldap_start_tls: Protocol error (2) additional info: unsupported extended operation # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (uid=testuser) # requesting: ALL # # testuser, People, <a href="http://beefylinux.com">beefylinux.com</a> dn: uid=testuser,ou=People,dc=beefylinux,dc=com uid: testuser sambaSID: S-1-5-21-110894667-3098860623-2699652354-2006 sambaPrimaryGroupSID: S-1-5-21-110894667-3098860623-2699652354-513 displayName: Test domainshiat sambaPwdCanChange: 1127837149 sambaPwdMustChange: 2147483647 sambaLMPassword: ECD96218B47A5336AAD3B435B51404EE sambaNTPassword: 3F5A79137212E2026748DDA7A48F656C sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 00000000 sambaPwdLastSet: 1127837149 sambaAcctFlags: [U ] objectClass: sambaSamAccount objectClass: account objectClass: top # search result search: 3 result: 0 Success # numResponses: 2 # numEntries: 1 [root@beefylinux slapd-beefylinux]# ****************************************************************************** last question is how to add a domain computer account to a windows machine could join the domain.. Thank you again Ryan <div>On 9/27/05, <a href="mailto:fedora-directory-users-request@redhat.com">fedora-directory-users-request@redhat.com</a> <<a href="mailto:fedora-directory-users-request@redhat.com"> fedora-directory-users-request@redhat.com</a>> wrote:<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Send Fedora-directory-users mailing list submissions to <a href="mailto:fedora-directory-users@redhat.com">fedora-directory-users@redhat.com</a> To subscribe or unsubscribe via the World Wide Web, visit <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users"> https://www.redhat.com/mailman/listinfo/fedora-directory-users</a> or, via email, send a message with subject or body 'help' to <a href="mailto:fedora-directory-users-request@redhat.com">fedora-directory-users-request@redhat.com </a> You can reach the person managing the list at <a href="mailto:fedora-directory-users-owner@redhat.com">fedora-directory-users-owner@redhat.com</a> When replying, please edit your Subject line so it is more specific than "Re: Contents of Fedora-directory-users digest..." Today's Topics: 1. FC3 - AdminUtil - Prb3 (Jason Kullo Sam) 2. Re: FC3 - AdminUtil - Prb3 (Noriko Hosoi) 3. FDS && SAMBA (Ryan Taylor) ---------------------------------------------------------------------- Message: 1 Date: Mon, 26 Sep 2005 15:48:26 -0600 From: Jason Kullo Sam <<a href="mailto:kullo@lws.bia.edu">kullo@lws.bia.edu </a>> Subject: [Fedora-directory-users] FC3 - AdminUtil - Prb3 To: <a href="mailto:fedora-directory-users@redhat.com">fedora-directory-users@redhat.com</a> Message-ID: <<a href="mailto:43386CAA.2060208@lws.bia.edu"> 43386CAA.2060208@lws.bia.edu</a>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Ok...NEXT screwup on my part...here is below. Got past the perl scripts...now onto...???SOMETHING??? FC3 box...adminutil setup...and once more...thanks for all your help so far guys! =================================================================== [root@genie fedora-adminutil-devel-7.1]# gmake BUILD_DEBUG=optimize BUILD_RPM=1 cat: /root/Desktop/dsbuild-static/ds/fedora- adminutil-devel-7.1/Linux2.6/buildnum.dat: No such file or directory if test ! -d Linux2.6; then mkdir Linux2.6; fi; /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/buildnum.pl -p Linux2.6 perl /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/pumpkin.pl 90 pumpkin.dat if test ! -d /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/built/Linux2.6-domestic-optimize-normal/include; then mkdir -p /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/built/Linux2.6-domestic-optimize-normal/include; fi; /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/dirver.pl -v "7.1" -o /root/Desktop/dsbuild-static/ds/fedora- adminutil-devel-7.1/built/Linux2.6-domestic-optimize-normal/include/dirver.h The components are up to date ==== Building AdminUtil ========== cd lib/libadminutil; gmake BUILD_OPT=1 NSPR_BASENAME= USE_PTHREADS=1 SECURITY=domestic MOZILLA_SOURCE_ROOT_EXT= ICU_SOURCE_ROOT_EXT= USE_64= gmake[1]: Entering directory `/root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/lib/libadminutil' echo /root/Desktop/dsbuild-static/ds/fedora- adminutil-devel-7.1/built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil71.a /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil71.a echo /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil71.so /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil71.so ---------------------- SNIP MAKE CRUD ----------------------------------------- -I../../../mozilla/dist/Linux2.6_x86_glibc_PTH_OPT.OBJ/include -I../../../mozilla/dist/public/nss -I../../../mozilla/dist/public/ldap -I../../../icu/built/include strlist.c -o /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil/strlist.o gcc -c -fPIC -pipe -DLINUX -Dlinux -DBSD -D_POSIX_SOURCE -D_XOPEN_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR -DNO_DBM -DNO_NODELOCK -DXP_UNIX -DLinux -O2 -DNET_SSL -DSPAPI20 -DBUILD_NUM=\"2005.269.2130\" -I/root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/include -I../../../mozilla/dist/Linux2.6_x86_glibc_PTH_OPT.OBJ/include -I../../../mozilla/dist/public/nss -I../../../mozilla/dist/public/ldap -I../../../icu/built/include resource.c -o /root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil/resource.o resource.c:26:26: unicode/ures.h: No such file or directory resource.c:27:29: unicode/ustring.h: No such file or directory resource.c: In function `res_getstring': resource.c:90: error: `UResourceBundle' undeclared (first use in this function) resource.c:90: error: (Each undeclared identifier is reported only once resource.c:90: error: for each function it appears in.) resource.c:90: error: `bundle' undeclared (first use in this function) resource.c:91: error: `UErrorCode' undeclared (first use in this function) resource.c:91: error: syntax error before "status" resource.c:98: error: `status' undeclared (first use in this function) resource.c :102: error: syntax error before '*' token resource.c:104: error: `umsg' undeclared (first use in this function) resource.c:110: warning: assignment makes pointer from integer without a cast resource.c:113: error: `U_ZERO_ERROR' undeclared (first use in this function) gmake[1]: *** [/root/Desktop/dsbuild-static/ds/fedora-adminutil-devel-7.1/built/Linux2.6-domestic-optimize-normal-pth/lib/libadminutil/resource.o] Error 1 gmake[1]: Leaving directory `/root/Desktop/dsbuild-static/ds/fedora- adminutil-devel-7.1/lib/libadminutil' gmake: *** [buildAdminUtil] Error 2 [root@genie fedora-adminutil-devel-7.1]# ------------------------------ Message: 2 Date: Mon, 26 Sep 2005 15:02:04 -0700 From: Noriko Hosoi <<a href="mailto:nhosoi@redhat.com">nhosoi@redhat.com</a>> Subject: Re: [Fedora-directory-users] FC3 - AdminUtil - Prb3 To: "General discussion list for the Fedora Directory server project." <<a href="mailto:fedora-directory-users@redhat.com">fedora-directory-users@redhat.com</a>> Message-ID: <<a href="mailto:43386FDC.3070900@redhat.com">43386FDC.3070900@redhat.com</a>> Content-Type: text/plain; charset="us-ascii" An HTML attachment was scrubbed... URL: <a href="https://www.redhat.com/archives/fedora-directory-users/attachments/20050926/8674a01d/attachment.html">https://www.redhat.com/archives/fedora-directory-users/attachments/20050926/8674a01d/attachment.html </a> -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3170 bytes Desc: S/MIME Cryptographic Signature Url : <a href="https://www.redhat.com/archives/fedora-directory-users/attachments/20050926/8674a01d/smime.bin"> https://www.redhat.com/archives/fedora-directory-users/attachments/20050926/8674a01d/smime.bin</a> ------------------------------ Message: 3 Date: Tue, 27 Sep 2005 10:02:42 -0400 From: Ryan Taylor < <a href="mailto:rtaylor82@gmail.com">rtaylor82@gmail.com</a>> Subject: [Fedora-directory-users] FDS && SAMBA To: <a href="mailto:fedora-directory-users@redhat.com">fedora-directory-users@redhat.com</a> Message-ID: <<a href="mailto:611ae400050927070224ed2dc3@mail.gmail.com">611ae400050927070224ed2dc3@mail.gmail.com</a>> Content-Type: text/plain; charset="iso-8859-1" hi, followed the howto at: <a href="http://directory.fedora.redhat.com/wiki/Howto:Sambaword">http://directory.fedora.redhat.com/wiki/Howto:Sambaword</a> for word and ran into same problems... When I try to exec net groupmap add... I get error: [root@beefylinux ~]# net groupmap add rid=512 ntgroup='Domain Admins' unixgroup='Domain Admins' Can't lookup UNIX group Domain Admins [root@beefylinux ~]# ************************************************ if I run getent group: ************************************************* [root@beefylinux ~]# getent group root::0:root bin::1:root,bin,daemon daemon::2:root,bin,daemon sys::3:root,bin,adm adm::4:root,adm,daemon tty::5: disk::6:root lp::7:daemon,lp mem::8: kmem::9: wheel::10:root mail::12:mail news::13:news uucp::14:uucp man::15: games::20: gopher::30: dip::40: ftp::50: lock::54: nobody::99: users:!!:100:micro dbus:x:81: floppy:x:19: vcsa:x:69: nscd:x:28: rpm:x:37: haldaemon:x:68: utmp:x:22: netdump:x:34: slocate:x:21: sshd:x:74: rpc:x:32: rpcuser:x:29: nfsnobody:x:65534: mailnull:x:47: smmsp:x:51: pcap:x:77: apache:x:48: squid:x:23: webalizer:x:67: xfs:x:43: ntp:x:38: gdm:x:42: mysql:x:27: micro:!:500: ldap:!:55: dcldap::501: Domain Admins:x:2512: Domain Users:x:2513: Domain Guests:x:2514: Domain Computers:x:2515: [root@beefylinux ~]# ****************************************************************** Which is what I have read it is supposed to say... My smb.conf is as follows: ****************************************************************** [root@beefylinux ~]# cat /etc/samba/smb.conf # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not made any basic syntactic errors. # #======================= Global Settings ===================================== [global] log file = /var/log/samba/%m.log load printers = yes idmap gid = 16777216-33554431 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 null passwords = yes template shell = /bin/false dns proxy = no cups options = raw netbios name = beefylinux server string = BEEFYLINUX idmap uid = 16777216-33554431 password server = None workgroup = workgroup os level = 33 domain logons = yes domain master = yes local master = yes preferred master = yes wins support = yes logon home = \\%L\%u\profiles logon path = \\%L\profiles\%u logon drive = H: template shell = /bin/false winbind use default domain = no printcap name = /etc/printcap username map = /etc/samba/smbusers max log size = 50 security = user passdb backend = ldapsam:<a href="ldap://beefylinux.com">ldap://beefylinux.com</a> ldap admin dn = cn=Directory Manager ldap suffix = dc=beefylinux,dc=com ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap group suffix = ou=Groups [netlogon] path = /var/lib/samba/netlogon read only = yes browsable = no [profiles] path = /var/lib/samba/profiles read only = no create mask = 0600 directory mask = 0700 [homes] browsable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print public = yes printable = yes [Another] comment = The other one path = /another force user = netfiles force group = users read only = No guest ok = Yes [Share] comment = Our file share path = /linsys force user = netfiles force group = users read only = No guest ok = Yes [Wisker] comment = long path = /home/micro/Desktop/SHARED force user = micro force group = micro read only = No guest ok = Yes # This one is useful for people to share files ;[tmp] ; comment = Temporary file space ; path = /tmp ; read only = no ; public = yes # A publicly accessible directory, but read only, except for people in # the "staff" group ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; read only = yes ; write list = @staff # Other examples. # # A private printer, usable only by fred. Spool data will be placed in fred's # home directory. Note that fred must have write access to the spool directory, # wherever it is. ;[fredsprn] ; comment = Fred's Printer ; valid users = fred ; path = /homes/fred ; printer = freds_printer ; public = no ; writable = no ; printable = yes # A private directory, usable only by fred. Note that fred requires write # access to the directory. ;[fredsdir] ; comment = Fred's Service ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writable = yes ; printable = no # a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could # also use the %u option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. ;[pchome] ; comment = PC Directories ; path = /usr/pc/%m ; public = no ; writable = yes # A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no # The following two entries demonstrate how to share a directory so that two # users can place files there that will be owned by the specific users. In this # setup, the directory should be writable by both users and should have the # sticky bit set on it to prevent abuse. Obviously this could be extended to # as many users as required. ;[myshare] ; comment = Mary's and Fred's stuff ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writable = yes ; printable = no ; create mask = 0765 #[Share2] #comment = The other one #path = /home/micro/Desktop/SHARED #writeable = yes #guest ok = yes #read only = no #force user = netfiles #force group = users Anyhelp would be greatly appreciated... im also kinda looking ahead and wondering how you setup "Domain computer" accounts so you can add windows machines to domain.. but thats pointless until i can get past this hurdle. Thank you Ryan -------------- next part -------------- An HTML attachment was scrubbed... URL: <a href="https://www.redhat.com/archives/fedora-directory-users/attachments/20050927/dbf373f4/attachment.html"> https://www.redhat.com/archives/fedora-directory-users/attachments/20050927/dbf373f4/attachment.html</a> ------------------------------ -- Fedora-directory-users mailing list <a href="mailto:Fedora-directory-users@redhat.com"> Fedora-directory-users@redhat.com</a> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a> End of Fedora-directory-users Digest, Vol 4, Issue 22 ***************************************************** </blockquote></div>