Samba4 winbind: use rfc2307 not working with winbind [SOLVED]

Andrew Bartlett abartlet at samba.org
Mon Aug 6 23:37:58 MDT 2012 

On Tue, 2012-08-07 at 01:08 +0200, steve wrote:
> On 08/06/2012 08:55 PM, Jeremy Allison wrote:
> > On Mon, Aug 06, 2012 at 08:29:28PM +0200, steve wrote:
> >> On 08/06/2012 01:42 PM, Gémes Géza wrote:
> >>> 2012-08-06 12:31 keltezéssel, steve írta:
> >>>> Hi
> >>>> Here is my smb.conf:
> >>>> [global]
> >>>>         workgroup = ALTEA
> >>>>         realm = hh3.site
> >>>>         netbios name = HH30
> >>>>         server role = active directory domain controller
> >>>>         passdb backend = samba4
> >>>>         idmap_ldb : use rfc2307 = Yes
> >> It was the syntax.
> >> The syntax needs to be very tight:
> >> Compare:
> >> idmap_ldb : use rfc2307 = Yes
> >> with:
> >> idmap_ldb:use rfc2307=Yes
> >>
> >> The latter works. I thought that white space was ignored in smb.conf. . .
> > Ah - yes, white space is ignored, but maybe not in
> > parameterized options.
> >
> > So you need:
> >
> > "idmap_ldb:use rfc2307" to be exact, but we shouldn't care
> > about the spacing around the "= yes" I don't think.
> >
> > Jeremy.
> Hi
> Thanks. But anyway it only works for groups, not users.
> If posixGroup and gidNumber are present for a group it maps from AD. For 
> posixAccount and uidNumber, an entry is created in idmap.ldb and that is 
> used instead of the uidNumber in AD
> 
> Is there anything we can do to fix this?

Steve,

Indeed, there is something you can do.  As I suggested when you last had
trouble here:

I would suggest debugging the source.  

I don't think this will be a difficult bug to solve, and you can use the
existing patches that have been developed for this area as reference for
where to start looking. 

These were the starting hints I gave last time:
 - git grep uidNumber
 - increase debug level to cover any existing, relevant debug
statements
 - Add debug statements to cover the full flow control of any apparently
relevant functions:
   DEBUG(0, ("debug message"));
 - start samba under gdb using :
   gdb --args samba -i -M single
 - use samba_start_debugger() to launch gdb under particular conditions

Andrew Bartlett
-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba-technical mailing list