[K12OSN] smbldap PDC login question

cliebow at downeast.net cliebow at downeast.net
Thu Feb 24 14:41:41 UTC 2005 

fwiw: your Doamin Admins acct has  an id of 200 but win is looking for
domain admions group as group  513.how did domain admins get a gid of
2025??..chuck


> Please have patience with a newbie question.
> 
> I've configured the PDC (Fedora Core 2) according to
> the documentation listed at: Samba-LDAP How-To using
> Samba v.htm.  While the script mentioned at the
> website did most of the work for me, I did have to
> tweak a few things.
> 
> Right now, I've been able to join the domain with the
> Win2k pc, but when I try to login, I get the error in
> the samba logs:
> [2005/02/24 05:48:18, 1]
> rpc_server/srv_netlog_nt.c:_net_sam_logon(766)
>  _net_sam_logon: user MTOLYMPUS\gregor has user sid
> S-1-5-21-1526078720-2158179
> 384-3381526886-2000
>   but group sid S-1-5-32-513.
>  The conflicting domain portions are not supported for
> NETLOGON calls
> 
> The group sid S-1-5-32-513 used to be the sid for
> Domain Users...
> 
> I've rebuilt the group mapping:
> 
> [root at medusa samba]# net groupmap list
> Domain Admins
> (S-1-5-21-1526078720-2158179384-3381526886-2025) ->
> Domain Admins
> Domain Users
> (S-1-5-21-1526078720-2158179384-3381526886-2027) ->
> Domain Users
> Domain Guests
> (S-1-5-21-1526078720-2158179384-3381526886-2029) ->
> Domain Guests
> Domain Computers
> (S-1-5-21-1526078720-2158179384-3381526886-2031) ->
> Domain Computers
> Administrators
> (S-1-5-21-1526078720-2158179384-3381526886-2089) ->
> Administrators
> Print Operators
> (S-1-5-21-1526078720-2158179384-3381526886-2101) ->
> Print Operators
> Backup Operators
> (S-1-5-21-1526078720-2158179384-3381526886-2103) ->
> Backup Operators
> Replicators
> (S-1-5-21-1526078720-2158179384-3381526886-2105) ->
> Replicators
> 
> But still I get the same erros in the log.  I've
> restarted samba and ldap.  What am I doing wrong?
> 
> Greg
> 
> 
> 
> 		
> __________________________________ 
> Do you Yahoo!? 
> Take Yahoo! Mail with you! Get it on your mobile phone. 
> http://mobile.yahoo.com/maildemo 
> 
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
> 


---------------------------------------------
This message was sent from Downeast.Net.
http://ellsworthme.com/

More information about the K12OSN mailing list