[Samba] idmap & migration to rfc2307
Rowland Penny
rowlandpenny241155 at gmail.com
Sat Nov 7 17:02:23 UTC 2015
On 07/11/15 16:33, Jonathan Hunter wrote:
> On 7 November 2015 at 12:37, Rowland Penny <rowlandpenny241155 at gmail.com> wrote:
>> On 07/11/15 11:31, Jonathan Hunter wrote:
>>> I'm trying to narrow it down to a particular set of circumstances but
>>> it's so intermittent, I'm really struggling.
>> The problem is, sssd now uses its own version of winbind, this came in (I
>> believe) with version 1.12.0 but I 'think' red-hat backport some things to
>> earlier versions. As I understand it, you will be probably be using
>> 1.11.6-30 and it is the '30' that says what it contains, perhaps you are
>> using winbindd and don't realise it. Try reading the changelog for your
>> version of sssd and/or ask sssd.
> I'm actually on 1.12.4-47.el6 - but I'm pretty sure that this problem
> has nothing to do with sssd, as Samba won't be getting any information
> from sssd, will it? The sssd part works just fine; it's the samba
> internal piece (smbd/winbind?) that seems to be failing.
>
> Only connections from remote Windows clients via samba are affected.
> There are no problems with local UNIX authentication via sssd.
I think it may be your version of sssd, I cannot prove it because I
don't use sssd anymore, but I think you could try adding '-nbt' to your
'server services' line in smb.conf, you may be running two nbt servers,
one from samba & one from sssd.
>> If it isn't a sssd problem, then you will need to raise samba logging to 10,
>> wait until it happens again and see if you can see anything in the logs. At
>> this point, you can then log a bug report with something to back it up.
> I will do that - thank you - but I imagine my logs will grow very
> quickly, as I may well need days or weeks of logs before something
> happens. Is there a sub-set of logging that I can turn on just for the
> UID mapping code, do you know? Otherwise I'll just set debug level 10
> and perhaps move my logs onto a separate disk, with more free space...
>
Try reading 'log level' in man smb.conf
Rowland
More information about the samba
mailing list