[Samba] winbind bug?
Doug Tucker
tuckerd at lyle.smu.edu
Thu Mar 27 10:22:12 MDT 2014
On 03/27/2014 11:18 AM, Rowland Penny wrote:
> On 27/03/14 16:13, Doug Tucker wrote:
>>
>>>>
>>>>
>>> Hi, if you read the man pages (hint, hint) they all seem to want you
>>> to use 'idmap config * : backend = tdb' and they all say that the
>>> ranges must not overlap, or as they put it 'disjoint ranges'.
>>>
>>> Rowland
>> LOL...Thanks for the reminder Rowland. I have done nothing but read
>> man pages, several how-to's, and google google google trying to solve
>> this. I had zero idea what "disjoint ranges" meant. My config I
>> originally got directly from several "how-to's" and modified from a
>> user here that sent me his config file that is "working" (his all
>> overlap..heck, they are all the same range). I don't see in the man
>> pages where it says you have to use tdb..and searching online that
>> seems to be a point of confusion, not everyone agrees (again, that
>> was the way I originally had it, someone suggested to me I needed to
>> change that to AD since I wasn't using local users). In fact, I
>> would be one of those people posting my existing config "as
>> working"....if I never had any unix uid's over 11000. And not to
>> throw a wrench into that, but, even unix users over 11000 work just
>> fine...on windows XP clients! It ONLY fails with a unix id > 11000
>> AND windows 7.
>>
>> I have now changed the idmap config * : backend =tbd..my new config:
>>
>> idmap config * : backend = tbd
>> idmap config * : range = 3000000 - 3100000
>> idmap config SEAS:backend = rid
>> idmap config SEAS:range = 1000 - 40000
>> idmap config * : schema_mode = rfc2307
>> idmap config SEAS-S:backend = rid
>> idmap config SEAS-S:range = 40001 - 60000
>>
>> There is no change, my results are exactly the same. unix uid >
>> 11000 no work, under 11000 works.
>>
>>
> Hi again, I hope that is a typo 'tbd', should be 'tdb', if it isn't or
> if changing it doesn't work, can you post your smb.conf, what OS and
> what you are pointing samba at.
>
> Rowland
Yes fat finger, sorry Rowland, thanks so much for the reply again. Here
is my smb.conf copy/paste:
workgroup = SEAS-S
realm = SEAS-S.ENGR.SMU.EDU
hide dot files = yes
server string = Samba Server
client use spnego = yes
posix locking = no
kernel oplocks = no
log level = 3
log file = /var/log/samba/%m.log
follow symlinks = yes
wide links = yes
unix extensions = no
max log size = 50
security = ADS
passdb backend = tdbsam
obey pam restrictions = no
invalid users = root
unix password sync = no
username map = /etc/samba/domain_user.map
local master = no
preferred master = no
wins support = no
wins server = 129.119.113.218 129.119.113.219
dns proxy = no
winbind enum users = Yes
winbind enum groups = Yes
winbind separator = +
winbind cache time = 600
idmap config * : backend = tdb
idmap config * : range = 3000000 - 3100000
idmap config SEAS:backend = rid
idmap config SEAS:range = 1000 - 40000
idmap config * : schema_mode = rfc2307
idmap config SEAS-S:backend = rid
idmap config SEAS-S:range = 40001 - 60000
[homes]
comment = Home Directories
browseable = no
writable = yes
More information about the samba
mailing list