--- passdb/pdb_ldap.c.orig	2004-01-06 22:08:40.000000000 +0100
+++ passdb/pdb_ldap.c	2004-01-19 12:44:41.000000000 +0100
@@ -1910,10 +1910,16 @@
 
 	if (NT_STATUS_IS_OK(ldapsam_getgrgid(methods, &dummy,
 					     map->gid))) {
-		DEBUG(0, ("ldapsam_add_group_mapping_entry: Group %ld already exists in LDAP\n", (unsigned long)map->gid));
+		DEBUG(0, ("ldapsam_add_group_mapping_entry: Unix group %ld already mapped in LDAP\n", (unsigned long)map->gid));
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 
+	if (NT_STATUS_IS_OK(ldapsam_getgrsid(methods, &dummy,
+					     map->sid))) {
+		DEBUG(0, ("ldapsam_add_group_mapping_entry: SID already mapped in LDAP\n"));
+		return NT_STATUS_UNSUCCESSFUL;
+	}	
+	
 	rc = ldapsam_search_one_group_by_gid(ldap_state, map->gid, &result);
 	if (rc != LDAP_SUCCESS) {
 		ldap_msgfree(result);
@@ -1991,6 +1997,14 @@
 	LDAPMessage *entry = NULL;
 	LDAPMod **mods = NULL;
 
+	GROUP_MAP dummy;
+		
+	if (NT_STATUS_IS_OK(ldapsam_getgrgid(methods, &dummy,
+					     map->gid))) {
+	DEBUG(0, ("ldapsam_update_group_mapping_entry: Unix group %ld already mapped in LDAP\n", (unsigned long)map->gid));
+	return NT_STATUS_UNSUCCESSFUL;
+	}
+
 	rc = ldapsam_search_one_group_by_gid(ldap_state, map->gid, &result);
 
 	if (rc != LDAP_SUCCESS) {