Logging this on 3.0.21a although it only exists in HEAD right now.
With Volker's new passdb work requiring group maps adding a new user to a passdb backend fails as follows :
bin/smbpasswd -a root
New SMB password:
Retype new SMB password:
Primary group of user root is not mapped, please map it to a SID with
'net groupmap add'
Failed to modify password entry for user root
What needs to be done is do gid -> sid, if this fails then we must get the group name and attempt to create a new domain group entry to map this posix group to a domain group. As domain groups and local groups must have different names this gives us a problem when trying to map a POSIX group of "users", so I'm intending to map this to an nt domain group of "unix-users" instead.
smbpasswd -a must work automatically without any forced groupmap work from the user.
Oh, and my first attempts to fix this using net groupmap were a miserable failure due to the error checking and help texts from this tool being unusable and horribly confusing *shit*. I need to fix that. It allowed a mapping to rid *zero* for the "users" group. This is a nasty bug.
I would appricate feedback on how best to avoid being in this area in Samba4. If there are areas in this that Samba3 will deal with for compatability, but that you would like never to see again, make sure you holler my way...
Jeremy, didn't you fix this already. if so, please close.