Deprecated but still supported "idmap backend" actually is broken

Dmitry Butskoy buc at odusz.so-cdu.ru
Wed Oct 10 14:37:54 GMT 2007


The "idmap backend" parameter is now deprecated, but it seems to be 
supported for a while.

Actually, for 3.0.26a, it is broken.


Consider nsswitch/idmap.c:idmap_init() :

If "idmap domains" config is not used, then "dom_list = 
idmap_default_domain", but the last is just "default domain" string. As 
a result, when I specify "idmap backend = rid:FOO=1000-2000" (and leave 
"idmap domains" empty), the correspond domain name appears as "default 
domain", not "FOO" ... Then "getent passwd <uidnumber>" does not work etc...


~buc

P.S. Can the new complicated "idmap config DOMAIN ...." be edited under 
SWAT?



More information about the samba-technical mailing list