Hi,

I'm setting up a Samba AD member server on CentOS 6. Everything seems to
work, except that Windows users don't get automatically created in the
idmap backend (which is an LDAP tree, btw).

I do get the following errors in the winbind logging:

[2012/01/26 13:04:20.634990,  1] winbindd/idmap_ldap.c:193(verify_idpool)
  Unable to verify the idpool, cannot continue initialization!
[2012/01/26 13:04:20.635125,  0] winbindd/idmap.c:599(idmap_alloc_init)
  ERROR: Initialization failed for alloc backend, deferred!

and a panic by winbind:

[2012/01/26 13:06:50.726749,  0] lib/fault.c:46(fault_report)
  ===============================================================
[2012/01/26 13:06:50.726893,  0] lib/fault.c:47(fault_report)
  INTERNAL ERROR: Signal 11 in pid 2730 (3.5.10-114.el6)
  Please read the Trouble-Shooting section of the Samba3-HOWTO
[2012/01/26 13:06:50.726931,  0] lib/fault.c:49(fault_report)
  
  From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
[2012/01/26 13:06:50.726967,  0] lib/fault.c:50(fault_report)
  ===============================================================
[2012/01/26 13:06:50.727005,  0] lib/util.c:1490(smb_panic)
  PANIC (pid 2730): internal error
[2012/01/26 13:06:50.730324,  0] lib/util.c:1594(log_stack_trace)
  BACKTRACE: 19 stack frames:
   #0 winbindd(log_stack_trace+0x2e) [0x95a88e]
   #1 winbindd(smb_panic+0x2e) [0x95a9ae]
   #2 winbindd(+0x170f9f) [0x947f9f]
   #3 [0x110400]
   #4 /lib/libldap-2.4.so.2(ldap_unbind_ext+0x25) [0x186855]
   #5 /lib/libldap-2.4.so.2(ldap_unbind+0x70) [0x1869a0]
   #6 winbindd(+0x52d07f) [0xd0407f]
   #7 winbindd(+0x52d325) [0xd04325]
   #8 winbindd(run_events+0x110) [0x96c800]
   #9 winbindd(+0xbffd8) [0x896fd8]
   #10 winbindd(+0xc0f1d) [0x897f1d]
   #11 winbindd(+0x198d08) [0x96fd08]
   #12 winbindd(tevent_common_loop_immediate+0xe6) [0x96e4f6]
   #13 winbindd(run_events+0x3e) [0x96c72e]
   #14 winbindd(+0x195bc1) [0x96cbc1]
   #15 winbindd(_tevent_loop_once+0x98) [0x96d2c8]
   #16 winbindd(main+0xa9a) [0x86804a]
   #17 /lib/libc.so.6(__libc_start_main+0xe6) [0xf9ace6]
   #18 winbindd(+0x8e531) [0x865531]
[2012/01/26 13:06:50.731949,  0] lib/fault.c:326(dump_core)
  dumping core in /var/log/samba/cores/winbindd

Here's my testparm output with <domain> replacing our internal
domain name:

Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[Profiles]"
Processing section "[<domain>]"
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions

[global]
        workgroup = <domain>
        realm = <domain>.LOCAL
        server string = Samba Server Version %v
        security = ADS
        passdb backend = ldapsam:ldap://limara.mgt.<domain>.local
        log file = /var/log/samba/log.%m
        max log size = 50
        ldap admin dn = cn=Manager,dc=<domain>,dc=local
        ldap group suffix = ou=Group,dc=office
        ldap idmap suffix = ou=People,ou=Domain Users,dc=office
        ldap machine suffix = ou=Computers,dc=office
        ldap suffix = dc=<domain>,dc=local
        ldap ssl = no
        idmap backend = ldap:ldap://limara.mgt.<domain>.local
        idmap alloc backend = ldap
        idmap uid = 10000-19999
        idmap gid = 10000-19999
        idmap alloc config : ldap_base_dn = dc=office,dc=<domain>,dc=local
        idmap alloc config : ldap_url = ldap://limara.mgt.<domain>.local
        ldapsam:editposix = yes
        ldapsam:trusted = yes
        cups options = raw

[homes]
        comment = Home Directories
        path = /srv/windows/users/%S
        valid users = <domain>\%S
        read only = No
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No

[Profiles]
        path = /srv/windows/profiles/
        read only = No
        guest ok = Yes
        browseable = No

[<Domain>]
        path = /srv/windows/shared/
        read only = No

Searching for the errors on Google gives me only parts of the source
code, questions, and no answers.

As a side note: if I do create the user objects manually, the idmappings
get created without problems. I could run production with the server as
it is now, but I'd prefer to have the account creation/idmapping happen
automatically, as that saves me a lot of admin work.


