Deprecated but still supported "idmap backend" actually is broken

Dmitry Butskoy buc at
Wed Oct 10 14:37:54 GMT 2007

The "idmap backend" parameter is now deprecated, but it seems to be 
supported for a while.

Actually, for 3.0.26a, it is broken.

Consider nsswitch/idmap.c:idmap_init() :

If "idmap domains" config is not used, then "dom_list = 
idmap_default_domain", but the last is just "default domain" string. As 
a result, when I specify "idmap backend = rid:FOO=1000-2000" (and leave 
"idmap domains" empty), the correspond domain name appears as "default 
domain", not "FOO" ... Then "getent passwd <uidnumber>" does not work etc...


P.S. Can the new complicated "idmap config DOMAIN ...." be edited under 

More information about the samba-technical mailing list