Ldap – What does Samba need from LDAP for a valid account

ldap openldap samba truenas

I have inherited an OpenLDAP system, coupled to a FreeNAS and it is quite a headache to create users all the time. I just want to create a user that can access its own homes share.

I have a working user in my LDAP that I almost copied to the new one, but somehow it is still missing information. This is the error message I get when trying to mount the share:

[2015/07/31 08:42:49.172906,  1] ../source3/param/loadparm.c:3178(lp_do_parameter)
  WARNING: The "idmap gid" option is deprecated
[2015/07/31 08:42:49.212652,  1] ../source3/auth/server_info.c:407(samu_to_SamInfo3)
  Failed to get groups from sam account.
[2015/07/31 08:42:49.212748,  0] ../source3/auth/check_samsec.c:492(check_sam_security)
  check_sam_security: make_server_info_sam() failed with 'NT_STATUS_INTERNAL_DB_CORRUPTION'

I got here by trying to mimic the working user, but I don't seem to be able to get all attributes. Also, the attributes I am still missing seem to be completely unrelated to this message. Actually, I am stuck now.

Any ideas or pointers to get me going?

Best Answer

I was in a similar situation and I solved my problem. I am happy that my solution helps you.

My situation was that I failed to log in with smbclient, with the following logs:

[2015/11/22 20:41:59.373496, 1] auth/server_info.c:526(samu_to_SamInfo3) Failed to get groups from sam account.
[2015/11/22 20:41:59.373625, 0] auth/check_samsec.c:492(check_sam_security) check_sam_security: make_server_info_sam() failed with 'NT_STATUS_INTERNAL_DB_CORRUPTION'

It was the group config that had to be changed. In my case, I manage my LDAP accounts with LDAP Account Manager (LAM). In LAM, I added the samba3 extension to the primary group of the user I was trying to use.

In other words, do you have 'sambaSID' in the group you want to use? The 'Group' section in 'http://pig.made-it.com/samba-accounts.html' may help you.
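
The check the answer describes, as an added example that is not part of the original post: it reads an LDIF export and lists every Samba user whose primary group (matched by gidNumber) has no sambaGroupMapping object class or no sambaSID. The DNs, names and SID are constructed sample data, the entries are trimmed to the attributes the check reads, and the function names are hypothetical.

```python
# Constructed LDIF sample (the kind of text slapcat or ldapsearch emits); all values are made up.
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=example,dc=org
objectClass: sambaSamAccount
uid: alice
gidNumber: 1000

dn: uid=bob,ou=people,dc=example,dc=org
objectClass: sambaSamAccount
uid: bob
gidNumber: 1001

dn: cn=staff,ou=groups,dc=example,dc=org
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: staff
gidNumber: 1000
sambaSID: S-1-5-21-1111111111-2222222222-3333333333-3001

dn: cn=newhires,ou=groups,dc=example,dc=org
objectClass: posixGroup
cn: newhires
gidNumber: 1001
"""

def parse_ldif(text):
    """Parse plain LDIF (folded lines are unfolded; base64 '::' values are not decoded)."""
    entries = []
    for block in text.replace("\n ", "").strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if ": " in line and not line.startswith("#"):
                key, value = line.split(": ", 1)
                entry.setdefault(key.lower(), []).append(value)
        entries.append(entry)
    return entries

def has_class(entry, name):
    return name.lower() in (c.lower() for c in entry.get("objectclass", []))

def find_unmapped_primary_groups(entries):
    """Return (uid, gidNumber, group cn or None) for users whose primary group lacks a Samba mapping."""
    groups = {e["gidnumber"][0]: e for e in entries if has_class(e, "posixGroup")}
    problems = []
    for user in (e for e in entries if has_class(e, "sambaSamAccount")):
        gid = user.get("gidnumber", [None])[0]
        group = groups.get(gid)
        if group is None or not has_class(group, "sambaGroupMapping") or "sambasid" not in group:
            problems.append((user["uid"][0], gid, group["cn"][0] if group else None))
    return problems

print(find_unmapped_primary_groups(parse_ldif(SAMPLE_LDIF)))
```

A user reported here is a candidate for the "Failed to get groups from sam account" error in the logs above; a group cn of None means no posixGroup carries that gidNumber at all.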