Bug 4324 - USRMGR.EXE does not show groups
Summary: USRMGR.EXE does not show groups
Status: RESOLVED INVALID
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: User/Group Accounts (show other bugs)
Version: 3.0.23d
Hardware: x86 Linux
: P3 major
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-01-04 11:57 UTC by Durval Menezes
Modified: 2007-03-02 12:11 UTC (History)
1 user (show)

See Also:

Attachments
screendump of USRMGR.EXE showing the problem. (84.34 KB, image/jpeg)
2007-01-11 11:46 UTC, Durval Menezes 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Durval Menezes 2007-01-04 11:57:54 UTC 
We have updated from Samba 3.0.10 (CentOS 4.4 samba-3.0.10-1.4E.9.i386.rpm) to Samba 3.0.23d (Sernet.de packages samba3*-3.0.23d-30.i386.rpm) and suddenly USRMGR.EXE stopped showing the available groups (i.e, the "Groups" panel at the bottom of USRMGR's window is completely blank). Using EXPLORER.EXE folder's "permission" tab to add rights for groups work Ok: the problem only manifests itself in USRMGR.EXE. Reinstalling the samba-3.0.10 RPMs solves the problem, so the problem definitely seems to be in the 3.0.23d Samba version.

Our environment is:
OS: CentOS 4.4 (Linux RHEL 4.4 clone) with all updates;
User base is on LDAP (relevant packages: openldap-2.2.13-6.4E, smbldap_tools v.1.56);
Comment 1 Björn Jacke 2007-01-09 12:06:32 UTC 
99% that this is an OpenLDAP bug of the OpenLDAP version you have. OpenLDAP fixed pages results in 2.2.16 while Samba started using paged results after 3.0.10.
Comment 2 Durval Menezes 2007-01-11 11:43:21 UTC 
(In reply to comment #1)
> 99% that this is an OpenLDAP bug of the OpenLDAP version you have. OpenLDAP
> fixed pages results in 2.2.16 while Samba started using paged results after
> 3.0.10.

Thank you for your help.

I just upgraded our test machine's OpenLDAP from version 2.2.13 to 2.2.16,
as indicated, and still the problem continues *exactly* as before.
Perhaps my explanation of USRMGR.EXE problem was not very clear, so
I'm attaching a screendump of USRMGR.EXE showing the problem.

If it's indeed not a SAMBA bug, what more can I do to fix this?
Comment 3 Durval Menezes 2007-01-11 11:46:23 UTC 
Created attachment 2254 [details]
screendump of USRMGR.EXE showing the problem.

perhaps my (textual) explanation of the bug was not very clear, so I'm attaching this screendump to try and rectify it.
Comment 4 Volker Lendecke 2007-01-16 00:49:17 UTC 
With 3.0.23 we changed Samba to only show groups that have group mapping entries created with "net groupmap".

Marking this bug as invalid, please re-open if the groups still don't show up if you map them with "net sam mapunixgroup".

Volker
Comment 5 Durval Menezes 2007-01-17 12:38:09 UTC 
Apparently our groups already have been group mapped:

    root# net sam mapunixgroup am-administrator
    Mapping group am-administrador failed with NT_STATUS_GROUP_EXISTS
    root# net sam show am-administrator
    SERVER\am-administrator is a Domain Group with SID S-1-5-21-1418233604-66961471-3069881275-2047

The problem remains the same, so I'm reopening the bug. 

Any other ideas?

Thanks,
   Durval Menezes
Comment 6 Volker Lendecke 2007-01-17 12:40:56 UTC 
Please show what "net groupmap list" shows.

If there are entries, then please upload a debug level 10 log of smbd from its start to usrmgr.exe not showing its groups.

Volker
Comment 7 Gerald (Jerry) Carter (dead mail address) 2007-01-17 13:59:44 UTC 
Did you update the schema file and reindex you database (hint: read 
the release notes)?
Comment 8 Alexandre Coelho 2007-03-02 12:10:36 UTC 
I had exactly the same problem. After read this thread, update the samba.schema file and reindex the ldap database, the problem was solved. Thanks to Jerry Carter. I think this bug can be closed.
Comment 9 Gerald (Jerry) Carter (dead mail address) 2007-03-02 12:11:40 UTC 
config issue