winbindd_idmap.tdb recovery
MCCALL,DON (HP-USA,ex1)
don_mccall at hp.com
Tue Feb 5 16:51:01 GMT 2002
Hi Michael,
Sorry I was in a bit of a rush when I sent you that cobbled together perl
script.
The idea behind the script is twofold:
1. If you use it immediately after joining the domain and starting winbindd,
but BEFORE
any connections are made to your system, then running the resultant
initialize_winbind_groups.sh
and
initialize_winbind_users.sh
should give you repeatable results, if you then took those scripts over to
ANOTHER
winbindd machine, and ran them after newly joining IT to the domain and
starting up
winbindd - That is to say, both machines would agree as to the uid and gid
mapping to the
WIN2k domain users and groups. Of course, if new users are added, these
machines could get
out of sync, as the new users attached to each machine possibly in different
order.
The other way I envisioned using these was more in a disaster recovery mode,
as you mentioned.
Run these scripts every night as part of your backup, and you should
generate a uid/username and gid/groupname log that you could then use with
wbinfo to reassign mapping in the event of a loss/corruption of the tdb...
Hope this helps,
Don
btw - I don't imagine this scales very well - I didn't write it for speed...
;->
-----Original Message-----
From: Michael Steffens [mailto:michael_steffens at hp.com]
Sent: Tuesday, February 05, 2002 5:43 AM
To: samba-technical at samba.org
Subject: winbindd_idmap.tdb recovery
Hi,
I'm a bit concerned about how to recover winbindd_idmap.tdb,
in case it should ever be trashed, for whichever reason.
Are there any recommended or proposed ways for doing this?
What I'm dreaming of is a way of creating a plain text dump
of this file, which can be backed up and be used for repairing
winbindd_idmap.tdb in case of desaster.
Even better if winbindd could also log all newly created mappings
in the same plain text format into an ID mapping log.
Using plain text for this purpose would have the advantage
that merging, checking consistency, applying corrections, or
chown'ing through the file system, could be done with standard
Unix methods and adjusted to what has actually happened.
Cheers!
Michael
More information about the samba-technical
mailing list