Bug 1296 - group_mapping lookup sometimes wrong with ldap
group_mapping lookup sometimes wrong with ldap
Status: RESOLVED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: User/Group Accounts
3.0.2a
All All
: P3 normal
: none
Assigned To: Samba Bugzilla Account
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-04-27 03:29 UTC by Sven Carstens
Modified: 2006-04-08 11:54 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sven Carstens 2004-04-27 03:29:14 UTC
smaba 3.0.2a setup with ldap support and almost everything working fine. 
 
in rpc_server/srv_util.c : get_alias_user_groups 
calls get_group_from_gid 
which in turn opens group_mapping.tdb 
So this function will look into a tdb database 
and not in the ldap database. 
 
This code-path triggers on my systems when I use WinXP 
to add a ACL with a group from the samba-domain. 
WinXP reports Access denied after selecting OK on the 
file properties dialog. 
 
The log files on the samba server show this: 
Apr 26 14:37:56 deepthought smbd[19054]: [2004/04/26 14:37:56, 0] 
groupdb/mapping.c:init_group_mapping(139) 
Apr 26 14:37:56 deepthought smbd[19054]:   Failed to open group mapping 
database 
Apr 26 14:37:56 deepthought smbd[19054]: [2004/04/26 14:37:56, 0] 
groupdb/mapping.c:get_group_from_gid(655) 
Apr 26 14:37:56 deepthought smbd[19054]:   failed to initialize group 
mappingFailed to open group mapping database 
Apr 26 14:37:56 deepthought smbd[19054]: [2004/04/26 14:37:56, 0] 
groupdb/mapping.c:get_group_from_gid(655) 
Apr 26 14:37:56 deepthought smbd[19054]:   failed to initialize group 
mappingFailed to open group mapping database 
Apr 26 14:37:56 deepthought smbd[19054]: [2004/04/26 14:37:56, 0] 
groupdb/mapping.c:get_group_from_gid(655) 
Apr 26 14:37:56 deepthought smbd[19054]:   failed to initialize group 
mappingFailed to open group mapping database 
Apr 26 14:37:56 deepthought smbd[19054]: [2004/04/26 14:37:56, 0] 
groupdb/mapping.c:get_group_from_gid(655) 
Apr 26 14:37:56 deepthought smbd[19054]:   failed to initialize group 
mappingFailed to open group mapping database 
Apr 26 14:37:56 deepthought smbd[19054]: [2004/04/26 14:37:56, 0] 
groupdb/mapping.c:get_group_from_gid(655) 
Apr 26 14:37:56 deepthought smbd[19054]:   failed to initialize group 
mappingFailed to open group mapping database 
Apr 26 14:37:56 deepthought smbd[19054]: [2004/04/26 14:37:56, 0] 
groupdb/mapping.c:get_group_from_gid(655) 
Apr 26 14:37:56 deepthought smbd[19054]:   failed to initialize group 
mappingget_alias_user_groups: gid of user scarstens doesn't exist. C 
heck your /etc/passwd and /etc/group files 
 
The user in question is the user working on the WinXP and adding the ACL. 
During all of that no ldap access whatsoever occours.
Comment 1 Sven Carstens 2004-04-29 05:30:13 UTC
Using the command 
'net user INFO scarstens' 
will show all groups and the logfiles of the 
LDAP-server will show the search activities. 
Comment 2 Gerald (Jerry) Carter 2006-04-08 11:54:16 UTC
please reopen if the bug still exists in a current release.