Deprecated but still supported "idmap backend" actually is broken

Gerald (Jerry) Carter jerry at
Wed Oct 10 19:40:12 GMT 2007

Hash: SHA1


I'm nopt trying to be rude here, but....

>> 	idmap domains = FOO
>> 	idmap config FOO:backend = rid
>> 	idmap config FOO:read_only = yes
>> 	idmap config FOO:range = 1000-100000
> Yep, should. But not.
> If "idmap domains" is empty (and I use "idmap backend" instead), then
> nsswitch/idmap.c:idmap_init() does not see the name "FOO" at all. It
> just prepare the "rid:FOO=1000-100000" and then:
> dom->name = "default domain"
> dom->params = "FOO=1000-100000"
> than rid's init is called etc...
> "FOO" does not go to "dom->name". Then winbindd tries 
> to operate with wrong name, and since there is no the
> name "default domain" in the "domain_list()" at all, it fails.

I made a conscious choice *not* to support syntax of idmap_rid
that was never officially supported anyways.  So when I say
"idmap backends" is still supported, what I *mean* is that
officially supported syntax is still supported.  Maybe someone
else wants to step up to the plate on this one, but I'm not
fixing what is currently working by design.  I suggest you
contact whoever made the packages for you.

cheers, jerry
Samba                                    -------
Centeris                         -----------
"What man is a man who does not make the world better?"      --Balian
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


More information about the samba-technical mailing list