Bug 4324 - USRMGR.EXE does not show groups
USRMGR.EXE does not show groups
Status: RESOLVED INVALID
Product: Samba 3.0
Classification: Unclassified
Component: User/Group Accounts
3.0.23d
x86 Linux
: P3 major
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2007-01-04 11:57 UTC by Durval Menezes
Modified: 2007-03-02 12:11 UTC (History)
1 user (show)

See Also:


Attachments
screendump of USRMGR.EXE showing the problem. (84.34 KB, image/jpeg)
2007-01-11 11:46 UTC, Durval Menezes
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Durval Menezes 2007-01-04 11:57:54 UTC
We have updated from Samba 3.0.10 (CentOS 4.4 samba-3.0.10-1.4E.9.i386.rpm) to Samba 3.0.23d (Sernet.de packages samba3*-3.0.23d-30.i386.rpm) and suddenly USRMGR.EXE stopped showing the available groups (i.e, the "Groups" panel at the bottom of USRMGR's window is completely blank). Using EXPLORER.EXE folder's "permission" tab to add rights for groups work Ok: the problem only manifests itself in USRMGR.EXE. Reinstalling the samba-3.0.10 RPMs solves the problem, so the problem definitely seems to be in the 3.0.23d Samba version.

Our environment is:
OS: CentOS 4.4 (Linux RHEL 4.4 clone) with all updates;
User base is on LDAP (relevant packages: openldap-2.2.13-6.4E, smbldap_tools v.1.56);
Comment 1 Björn Jacke 2007-01-09 12:06:32 UTC
99% that this is an OpenLDAP bug of the OpenLDAP version you have. OpenLDAP fixed pages results in 2.2.16 while Samba started using paged results after 3.0.10.
Comment 2 Durval Menezes 2007-01-11 11:43:21 UTC
(In reply to comment #1)
> 99% that this is an OpenLDAP bug of the OpenLDAP version you have. OpenLDAP
> fixed pages results in 2.2.16 while Samba started using paged results after
> 3.0.10.

Thank you for your help.

I just upgraded our test machine's OpenLDAP from version 2.2.13 to 2.2.16,
as indicated, and still the problem continues *exactly* as before.
Perhaps my explanation of USRMGR.EXE problem was not very clear, so
I'm attaching a screendump of USRMGR.EXE showing the problem.

If it's indeed not a SAMBA bug, what more can I do to fix this?
Comment 3 Durval Menezes 2007-01-11 11:46:23 UTC
Created attachment 2254 [details]
screendump of USRMGR.EXE showing the problem.

perhaps my (textual) explanation of the bug was not very clear, so I'm attaching this screendump to try and rectify it.
Comment 4 Volker Lendecke 2007-01-16 00:49:17 UTC
With 3.0.23 we changed Samba to only show groups that have group mapping entries created with "net groupmap".

Marking this bug as invalid, please re-open if the groups still don't show up if you map them with "net sam mapunixgroup".

Volker
Comment 5 Durval Menezes 2007-01-17 12:38:09 UTC
Apparently our groups already have been group mapped:

    root# net sam mapunixgroup am-administrator
    Mapping group am-administrador failed with NT_STATUS_GROUP_EXISTS
    root# net sam show am-administrator
    SERVER\am-administrator is a Domain Group with SID S-1-5-21-1418233604-66961471-3069881275-2047

The problem remains the same, so I'm reopening the bug. 

Any other ideas?

Thanks,
   Durval Menezes
Comment 6 Volker Lendecke 2007-01-17 12:40:56 UTC
Please show what "net groupmap list" shows.

If there are entries, then please upload a debug level 10 log of smbd from its start to usrmgr.exe not showing its groups.

Volker
Comment 7 Gerald (Jerry) Carter 2007-01-17 13:59:44 UTC
Did you update the schema file and reindex you database (hint: read 
the release notes)?
Comment 8 Alexandre Coelho 2007-03-02 12:10:36 UTC
I had exactly the same problem. After read this thread, update the samba.schema file and reindex the ldap database, the problem was solved. Thanks to Jerry Carter. I think this bug can be closed.
Comment 9 Gerald (Jerry) Carter 2007-03-02 12:11:40 UTC
config issue