-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey Ross,
I'm having problems getting the new idmap_adex module to work.
Sorry about that.
When using the idmap_adex plugin I get the following:
# wbinfo -n administrator
S-1-5-21-X-XX-XX-500 User (1)
# wbinfo -i administrator
Could not get info for user administrator
As expected attempting to lookup user group info
via commands which use libnss also fail.
The administrator account is setup with all the necessary
rfc2307 attributes and works fine with the idmap_ad plugin.
The uidNumber, gidNumber, and uid attributes have been added
to the forests partial attribute set, as recommended by then
idmap_adex man page.
Idmap log throws up a couple of interesting lines (full log below):
1) NT_STATUS_NO_LOGON_SERVERS; although wbinfo --online-status
says domain is online and name to sid lookups work ok.
2) could not find idmap alloc module adex; idmap module is
installed at /usr/lib/samba/idmap/adex.so, ad.so is in the same
folder.
idmap_adex doesn't do uid/gid allocation so this is a normal
message.
Domain forest functional level are both Windows Server 2003.
Running Samba/Winbind 3.3.1 on RHEL5, built from Fedora
rawhide SRPM.
Here is my smb.conf
[global]
workgroup = LOCAL
...
The conf file looks fine.
And here is log-winbindd-idmap at debug level 10:
...
[2009/03/26 09:12:45, 10]
winbindd/idmap_adex/likewise_cell.c:cell_do_search(382)
cell_do_search: Base = , Filter = (objectSid=\XX\), Scope = 2, GC = yes
[2009/03/26 09:12:45, 10]
winbindd/idmap_adex/likewise_cell.c:cell_connect_dn(339)
Failed! (NT_STATUS_NO_LOGON_SERVERS)
Any chance i could get you to send me a network sniff of the failure
(off list)? E.g.
$ tcpdump -s 0 -w /tmp/dump.pcap \
port 88 or port 53 or port 3268 or port 389
cheers, jerry
- --
=
Samba--- http://www.samba.org
Likewise Software - http://www.likewise.com
What man is a man who does not make the world better? --Balian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAknLpngACgkQIR7qMdg1Efbn/ACfSlhx2g6hTXABULtMMtB3JcvA
5cMAn3f5XdUwzgJtVd0AoLsiqPYh932R
=w1qw
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba