Re: [Samba] winbind: uid range is ignored

Thu, 02 Aug 2012 09:43:11 -0700 

On 02/08/12 18:16, Gémes Géza wrote:

2012-08-02 17:45 keltezéssel, steve írta:

On 02/08/12 17:14, Bjoern Baumbach wrote:

Hi Steve,

please use "idmap config * : range = ..." instead of idmap uid/gid.



Thanks Jonathan and Bjoern
I have that now.

I chose:
idmap config * : range = 30000-40000

I have deleted the winbind files from /var/lib/samba and
/var/cache/samba and restarted smbd and winbind but the idmap ranges
are still at the old values. In fact they are the same numerical
values as on the DC e.g.

-rw-r--r-- 1 3000037 20513 0 Aug  2 17:34 file1

Back on the DC/fileserver that is correctly mapped as:

-rw-r--r-- 1 POLOP\steve2 Domain Users 0 Aug  2 17:34 file1

Is there a cache somewhere else? I have even totally purged the whole
of samba and reinstalled from nothing but still the old values reappear.
How do I lose the old values so it accepts my new range and maps the
files correctly as humanly readable uid:gid pairs rather than numbers?
nscd is not active.

cheers
Steve

/etc/samba/smb.conf
[global]
realm = polop.site
workgroup = POLOP
security = ADS
wide links = Yes
unix extensions = No
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
idmap config * : backend = tdb
idmap config * : range = 30000-40000



I would suggest using idmap_ad:

http://www.samba.org/samba/docs/man/manpages-3/idmap_ad.8.html

Regards

Geza Gemes


Hi Geza
No. In this case it is a pure-by-the-book winbind test lan.

The problem is this:

Here is my id:
POLOP\steve2@ubuntu1:~$ id
uid=30007(POLOP\steve2) gid=30014(POLOP\domain users) groups=30014(POLOP\domain users),30016(POLOP\staff),30018(BUILTIN\users)
When I create a file, I want to see a uid:gid of POLOP\steve2 POLOP\domain users (as indeed I do back on the fileserver/DC)
But on the client, I see only the uid:gid _numbers_ which are stored in idmap.ldb on the server: 

POLOP\steve2@ubuntu1:~$ touch afile
POLOP\steve2@ubuntu1:~$ ls -l afile
-rw-r--r-- 1 3000037 20513 0 Aug  2 18:34 afile

How do I convert
3000037 to POLOP\steve2
and
20513 to POLOP\domain users
on the client?
The shares are mounted via kerberized nfs on the client and _did_ map correctly before this thread started. 

Cheers,
Steve


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Reply via email to