hi
im using precompiled samba v. 3.0.4 packages from SuSE 9.1 DVDs all services (ldapsam, winbind, ... ) are compiled in
user mapping on the PDC "SERVER" (SID-RID to UID) work fine
the domain member server "FILESERV" gets the local accounts via nsswitch from the ldap backend of "SERVER"
(tested with getent passwd)
he also gets and checks the samba users and passwords against the PDC (if i connect from a client to "FILESERV"), so he has no local password/user backend
if i create a new folder from (win xp) client on "FILESERV" i just see SID-(G)RID and not "user xyz"if
if i create a new folder from (win xp) client on "SERVER" i "user xyz"
the interesting parts of smb.conf on "FILESERV" are
[global]
workgroup = NEVAN netbios name = FILESERV server string = NevanFS01 on Samba Version: %v
username map = /etc/samba/username.map
log level = 5 log file = /var/lib/samba/log.%m max log size = 10000
passdb backend = ldapsam:"ldap://server:389"; ldap passwd sync = yes ldap suffix = dc=eva,dc=mpg,dc=de ldap admin dn = cn=manager,dc=eva,dc=mpg,dc=de #ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) ldap machine suffix = ou=machines ldap user suffix = ou=users ldap group suffix = ou=groups ldap replication sleep = 2000
idmap backend = ldap:ldap://server:389 ldap idmap suffix = ou=idmap idmap uid = 1000-5000 idmap gid = 1000-5000
# interfaces = eth0 lo # bind interfaces only = yes
guest ok = no guest account = Guest
security = domain local master = no os level = 32 domain master = no domain logons = no
encrypt passwords = yes password server = server socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
wins support = yes dns proxy = no
local user/group accounts are from 0 (root) and 500 - 600 i also changed
idmap uid = 1000-5000 idmap gid = 1000-5000
to
idmap uid = 0-5000 idmap gid = 0-5000
but he cannot resolve SIDs
i just wonder, if theres a way around winbind? because i already red the docs but can't get it working (see log)
please help
thx
LOG (wbinfo -S 667)
--------------------------
[2004/06/09 19:22:06, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(261)
[11062]: request interface version
[2004/06/09 19:22:06, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(297)
[11062]: request location of privileged pipe
[2004/06/09 19:22:06, 5] nsswitch/winbindd.c:winbind_client_read(465)
read failed on sock 19, pid 11062: EOF
[2004/06/09 19:22:06, 3] nsswitch/winbindd_sid.c:winbindd_uid_to_sid(303)
[11062]: uid to sid 667
[2004/06/09 19:22:06, 5] lib/smbldap.c:smbldap_search(932)
smbldap_search: base => [ou=idmap,dc=eva,dc=mpg,dc=de], filter => [(&(objectClass=sambaIdmapEntry)(uidNumber=667))], scope =
> [2]
[2004/06/09 19:22:06, 0] sam/idmap_ldap.c:ldap_get_sid_from_id(525)
ldap_get_sid_from_id: mapping not found for uidNumber: 667
[2004/06/09 19:22:06, 1] nsswitch/winbindd_sid.c:winbindd_uid_to_sid(356)
Could not convert uid 667 to rid
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
