Hi all,
I have Samba server joined Active Directory domain based on win2008r2, using
LDAP as idmap backend.
Recently I upgraded from 3.3.x to 3.5.x (Sernet RPMs for Centos4).
Now I constantly observe those messages in log:
[2011/02/03 09:10:25.696896, 0]
winbindd/idmap_ldap.c:1471(idmap_ldap_set_mapping)
ldap_set_mapping_internals: Failed to add S-1-5-21-3807515285-1394671770-2144936185-513 to 21066
mapping [gidNumber]
[2011/02/03 09:10:25.696927, 0]
winbindd/idmap_ldap.c:1473(idmap_ldap_set_mapping)
ldap_set_mapping_internals: Error was: (Already exists)
[2011/02/03 09:15:16.234228, 0] winbindd/idmap.c:201(smb_register_idmap_alloc)
idmap_alloc module ldap already registered!
[2011/02/03 09:15:16.234271, 0] winbindd/idmap.c:201(smb_register_idmap_alloc)
idmap_alloc module tdb already registered!
[2011/02/03 09:15:16.234286, 0] winbindd/idmap.c:149(smb_register_idmap)
Idmap module passdb already registered!
[2011/02/03 09:15:16.234300, 0] winbindd/idmap.c:149(smb_register_idmap)
Idmap module nss already registered!
with gidNumber increasing, although samba created mapping for this SID:
dn:
sambaSID=S-1-5-21-3807515285-1394671770-2144936185-513,ou=idmap,dc=corp,dc=<domain>
objectClass: sambaIdmapEntry
objectClass: sambaSidEntry
gidNumber: 20042
sambaSID: S-1-5-21-3807515285-1394671770-2144936185-513
structuralObjectClass: sambaSidEntry
RID 513 is standard "Domain Users" group, but *S-1-5-21-3807515285-1394671770-2144936185* is not AD
domain:
wbinfo --all-domains
BUILTIN
DLC
CORP
DLC is hostname of Samba server and CORP - AD domain.
wbinfo -D corp
Name : CORP
Alt_Name : corp.<domain>
SID : S-1-5-21-3642537914-689118755-2668763798
Active Directory : Yes
Native : Yes
Primary : Yes
wbinfo -D dlc
Name : DLC
Alt_Name :
SID : *S-1-5-21-3807515285-1394671770-2144936185*
Active Directory : No
Native : No
Primary : No
As I understand I should somehow add entry for this SID in local SAM database with "net sam". But
how: with "net sam createlocalgroup" or "net sam createdomaingroup" or "net sam createbuiltingroup"?
I don't understand SAM well, please advice me how to do this.
Thanks.
--
Vladimir Vassiliev
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba