[Samba] Winbind + LDAP Idmap backend finally running!
Bernd Waldboth
bernd.w at dnet.it
Thu Nov 6 21:55:34 GMT 2003
After many hours of trial and error I finally managed to get my Winbind
server with Ldap Idmap backend up and running. I even had to go through
parts of the sources but finally I found out what the reason was why my
LDAP db never was updated.
The problem was that at some point the uid/gid to sid mapping function
referred to the "ldap idmap suffix" and at other times to "ldap group
suffix" entries in the smb.conf (the exact name of the function is
ldap_get_id_from_sid).
The solution was to point both "ldap idmap suffix" and "ldap group
suffix" (and to be sure also "ldap user suffix" and "ldap machine
suffix") in the smb.conf to the desired idmap ou. I don't know if this
was the desired behavior or not.
Another thing I found out was that I had to remove the "ldap suffix"
entry.
I hope I could help someone with the same problem.
sugo
More information about the samba
mailing list