Re: [Samba] Unable to add a particular member to group (Samba 4.6.3)

The user exists in AD:

- I can see the user using 'wbinfo', 'samba-tool user list'

- I can add the user to a group with 'Active Directory Users and Computers' in Windows 2008R2

- It's seems impossible to use 'samba-tool group addmembers foogroup foouser'

I looked at the user's attributes but can't find anything different from any other user that works properly.

Any other ideas?

Le 2017-04-25 à 11:50, Rowland Penny via samba a écrit :
On Tue, 25 Apr 2017 10:36:54 -0400
Luc Lalonde via samba <samba@xxxxxxxxxxxxxxx> wrote:

Hello Folks,

I'm getting this strange error when I try to add a particular member
to a group:

[root@roquefort admin]# /usr/local/samba/bin/samba-tool group
addmembers foogroup foouser
ERROR(exception): Failed to add members "foouser" to group "foogroup"
- Unable to find "foouser". Operation cancelled.
line 239, in run
"/usr/local/samba/lib64/python2.6/site-packages/samba/samdb.py", line
274, in add_remove_group_members raise Exception('Unable to find
"%s". Operation cancelled.' % member)

However, it seems to work for another account:

[root@roquefort admin]# /usr/local/samba/bin/samba-tool group
addmembers foogroup foouser2
Added members to group foogroup
[root@roquefort admin]# /usr/local/samba/bin/samba-tool group
removemembers foogroup foouser2
Removed members from group foogroup

Anyone have an idea what's causing this?   I even tried to re-create
the 'foouser' account and I get the same error.

Does the user exist in AD ?
If you run 'wbinfo -u | grep foouser' do you get any output ?
Does 'samba-tool user list | grep foouser' show the user ?

If the user does exist in AD, then I suggest you compare the 'foouser'
object in AD with the object for 'foouser2'


