[Samba] id mapping

[Robert Freeman-Day]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have been the most happy with the hash idmap.  It really is the least
invasive and "just works" (does that need to be trademarked these
days?).  Since it hashes the SID with the same algorithm, all members
get the same UID/GID mappings, which is a big win.

Robert

On 08/23/2010 05:21 PM, Greg Dickie wrote:
> Hi,
> 
>   Today I'm trying to debug a problem on samba 3.5.4 where a domain
> member server is having trouble mapping UIDs to SIDs. I must admit I
> never really looked at this before as everything seemed to "just work".
> Today I discovered that idmap backend on the PDC and the member server
> were both defaulted to tdb. This means they have independent views of
> UID to SID mappings I guess. That sucks. So I'm looking at the ldap
> backend but I notice that it uses a special ou in the LDAP tree to store
> mappings. Why do we need that if the sambaSamAccount schema also has
> SIDs and UIDs for each user. Also, how is that tree populated?
> 
> Looking at my PDC it seems to just pull everything out of gencache.tdb
> or say that no mapping exists. Doing a tdbdump of winbind_idmap.tdb
> shows only a few entries. This seems to be more complicated than I
> expected. I'm sorry if this is a silly question but what am I doing
> wrong?
> 
> Thanks a lot,
> Greg
> 
> 


- -- 
________

Robert Freeman-Day

https://launchpad.net/~presgas
GPG Public Key:
http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0xBA9DF9ED3E4C7D36
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxzxMMACgkQup357T5MfTY0VACfSGOY2vXg05lUplINAeqxr42s
iR0AnA3P/DdGApB0+WIJZTzNN99qiv/z
=ddTf
-----END PGP SIGNATURE-----