Deprecated but still supported "idmap backend"
actually is broken
Gerald (Jerry) Carter
jerry at samba.org
Wed Oct 10 19:40:12 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dmitry,
I'm nopt trying to be rude here, but....
>> idmap domains = FOO
>> idmap config FOO:backend = rid
>> idmap config FOO:read_only = yes
>> idmap config FOO:range = 1000-100000
>
> Yep, should. But not.
>
> If "idmap domains" is empty (and I use "idmap backend" instead), then
> nsswitch/idmap.c:idmap_init() does not see the name "FOO" at all. It
> just prepare the "rid:FOO=1000-100000" and then:
> dom->name = "default domain"
> dom->params = "FOO=1000-100000"
> than rid's init is called etc...
>
> "FOO" does not go to "dom->name". Then winbindd tries
> to operate with wrong name, and since there is no the
> name "default domain" in the "domain_list()" at all, it fails.
I made a conscious choice *not* to support syntax of idmap_rid
that was never officially supported anyways. So when I say
"idmap backends" is still supported, what I *mean* is that
officially supported syntax is still supported. Maybe someone
else wants to step up to the plate on this one, but I'm not
fixing what is currently working by design. I suggest you
contact whoever made the packages for you.
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHDSqcIR7qMdg1EfYRArxVAKDcCSuZRteMVBs4KVHYZBpIsxYvSgCeMIjv
CJ1uo03r/8zLUGkFZS5RJYs=
=C6hp
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list