Well, no luck for me. Can you specify the whole requirements for this to work.
... passdb backend = ldapsam:ldap://localhost/ ldap suffix = ldap admin dn = Idmap backend = ldap:ldap://localhost/ ... Should I enable ldap trust ids too? Have a good time, Andrey Nepomnyaschih -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrew Bartlett Sent: Wednesday, July 02, 2003 1:40 PM To: Andrey Nepomnyaschih Cc: [EMAIL PROTECTED]; 'Andrew Bartlett' Subject: RE: [Samba] RID numbers On Wed, 2003-07-02 at 19:18, Andrey Nepomnyaschih wrote: > Hello Andrew, > > Well I've got the samba 3.0beta2 and it seems that Samba stills > expects RID to be as (uidNumber * 2 + 1000). > > I'll try decribe the situation maybe the problem lies somewhere else. > > I have an Administrator account with uidNumber of 0. And whenever I > set its RID to 500 (default from NT world) there's no way to add > workstations to domain with the Administrator account. On the opposite > side when I set RID to 1000 (0 * 2 + 1000) it works fine. So I assume > that samba doesn't use the mapping between uidNumber from posixAccount > and sambaSID from sambaSamAccount, when checks whether the account has > root access. > > Can you clarify this thing to me? In order to use arbitary rids in LDAP, you *must* use 'idmap backed = ldap:ldap://localhost' (as appropriate for your setup). I will see how this can be best automated/documented to avoid future confusion. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba