subject:"Re\: \[Samba\] Problems with idmap

Re: [Samba] Problems with idmap_adex module

2009-03-26 Thread Gerald (Jerry) Carter

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hey Ross,

 I'm having problems getting the new idmap_adex module to work.

Sorry about that.

 When using the idmap_adex plugin I get the following:
 
 # wbinfo -n administrator
 S-1-5-21-X-XX-XX-500 User (1)
 # wbinfo -i administrator
 Could not get info for user administrator
 
 As expected attempting to lookup user  group info 
 via commands which use libnss also fail.
 
 The administrator account is setup with all the necessary 
 rfc2307 attributes and works fine with the idmap_ad plugin.
 The uidNumber, gidNumber, and uid attributes have been added
 to the forests partial attribute set, as recommended by then
 idmap_adex man page.
 
 Idmap log throws up a couple of interesting lines (full log below):
 1) NT_STATUS_NO_LOGON_SERVERS; although wbinfo --online-status 
  says domain is online and name to sid lookups work ok.
 2) could not find idmap alloc module adex; idmap module is 
 installed at /usr/lib/samba/idmap/adex.so, ad.so is in the same
 folder.

idmap_adex doesn't do uid/gid allocation so this is a normal
message.

 Domain  forest functional level are both Windows Server 2003. 
 Running Samba/Winbind 3.3.1 on RHEL5, built from Fedora
 rawhide SRPM.
 
 Here is my smb.conf
 [global]
 workgroup = LOCAL
...

The conf file looks fine.

 And here is log-winbindd-idmap at debug level 10:
 
...
 [2009/03/26 09:12:45, 10] 
 winbindd/idmap_adex/likewise_cell.c:cell_do_search(382)
   cell_do_search: Base = ,  Filter = (objectSid=\XX\), Scope = 2, GC = yes
 [2009/03/26 09:12:45, 10] 
 winbindd/idmap_adex/likewise_cell.c:cell_connect_dn(339)
   Failed! (NT_STATUS_NO_LOGON_SERVERS)

Any chance i could get you to send me a network sniff of the failure
(off list)?   E.g.

  $ tcpdump -s 0 -w /tmp/dump.pcap \
port 88 or port 53 or port 3268 or port 389




cheers, jerry
- --
=
Samba--- http://www.samba.org
Likewise Software  -  http://www.likewise.com
What man is a man who does not make the world better?  --Balian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAknLpngACgkQIR7qMdg1Efbn/ACfSlhx2g6hTXABULtMMtB3JcvA
5cMAn3f5XdUwzgJtVd0AoLsiqPYh932R
=w1qw
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Problems with idmap_adex module

2009-03-26 Thread Christian McHugh

On Thursday 26 March 2009 08:59:53 Gerald (Jerry) Carter wrote:
  I'm having problems getting the new idmap_adex module to work.

 Sorry about that.

Not sure if it is related, but it looks like the problems in 5973 are from 
idmap_adex

Christian McHugh
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Problems with idmap_adex module

Re: [Samba] Problems with idmap_adex module

2 matches

Site Navigation

Mail list logo

Footer information