By Date:	<-- -->
By Thread:	<-- -->

nested groups with user mapping doesn't work

From: Rainer Weber <raiweber (at) mpim-bonn.mpg.de>
Date: Fri, 02 Feb 2007 15:43:14 +0100

Sorry,
after the user mapping the nt_user_token is

[2007/02/02 15:21:17, 10] auth/auth_util.c:debug_nt_user_token(454)
  NT user token of user S-1-22-1-10002
  contains 6 SIDs
  SID[  0]: S-1-22-1-10002
  SID[  1]: S-1-5-21-781721396-396832292-1671184278-513
  SID[  2]: S-1-1-0
  SID[  3]: S-1-5-2
  SID[  4]: S-1-5-11
  SID[  5]: S-1-5-32-545
  SE_PRIV  0x0 0x0 0x0 0x0

So you can see that the user has no domain groups.

Rainer Weber wrote:

If I activate user mapping again I can only see the following in the log. [2007/02/02 15:21:17, 10] libads/authdata.c:dump_pac_logon_info(723) The PAC: User Flags: 0x20 (32) User Flags: LOGON_EXTRA_SIDS 0x20 (32) User SID: S-1-5-21-781721396-396832292-1671184278-1107 Group SID: S-1-5-21-781721396-396832292-1671184278-513 Group Membership (Global and Universal Groups of own domain): 0: sid: S-1-5-21-781721396-396832292-1671184278-513 attr: 0x7 == SE_GROUP_MANDATORY SE_GROUP_ENABLED_BY_DEFAULT SE_GROUP_ENABLED 1: sid: S-1-5-21-781721396-396832292-1671184278-1118 attr: 0x7 == SE_GROUP_MANDATORY SE_GROUP_ENABLED_BY_DEFAULT SE_GROUP_ENABLED 2: sid: S-1-5-21-781721396-396832292-1671184278-1108 attr: 0x7 == SE_GROUP_MANDATORY SE_GROUP_ENABLED_BY_DEFAULT SE_GROUP_ENABLED 3: sid: S-1-5-21-781721396-396832292-1671184278-1117 attr: 0x7 == SE_GROUP_MANDATORY SE_GROUP_ENABLED_BY_DEFAULT SE_GROUP_ENABLED 4: sid: S-1-5-21-781721396-396832292-1671184278-1115 attr: 0x7 == SE_GROUP_MANDATORY SE_GROUP_ENABLED_BY_DEFAULT SE_GROUP_ENABLED Group Membership (Domain Local Groups and Groups from Trusted Domains): Group Membership (Ressource Groups (SID History ?)):
and
[2007/02/02 15:21:17, 5] auth/auth_util.c:debug_nt_user_token(448)
  NT user token: (NULL)
[2007/02/02 15:21:17, 5] auth/auth_util.c:debug_unix_user_token(474)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
And I nested groups doesn't work.
Can some one please tell me where the problem is?


--
+--------------------------------------+
| Max Planck Institute for Mathematics |
|        System Administration         |
|                                      |
|  Vivatsgasse 7, 53111 Bonn, Germany  |
|  Tel       +49 (0)228-402-239        |
|  Fax       +49 (0)228-402-277        |
|  Email     raiweber (at) mpim-bonn.mpg.de |
+--------------------------------------+
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Follow-Ups:
- nested groups with user mapping doesn't work
  - From: "Gerald (Jerry) Carter" <jerry (at) samba.org>

References:
- nested groups with user mapping doesn't work
  - From: Rainer Weber <raiweber (at) mpim-bonn.mpg.de>
- nested groups with user mapping doesn't work
  - From: Rainer Weber <raiweber (at) mpim-bonn.mpg.de>

Prev by Date: nested groups with user mapping doesn't work
Next by Date: Machine account in smbpasswd is wrong
Previous by thread: nested groups with user mapping doesn't work
Next by thread: nested groups with user mapping doesn't work
Index(es):
- Main
- Thread