Samba4: idmap replication between 2 DC's

[Gémes Géza]

2012-07-13 12:07 keltezéssel, steve írta:
> On 13/07/12 09:49, Andrew Bartlett wrote:
>> On Fri, 2012-07-13 at 09:03 +0200, steve wrote:
>>
>>> Hi Andrew, hi everyone
>>
>>> Conclusion 2:
>>>    idmap_ldb:use rfc2307 = yes
>>> does not work when gidNumber is in AD
>>>
>>> Summary,
>>> idmap_ldb:use rfc2307 = yes
>>> uidNumber in AD works
>>> gidNumber in AD does not work
>>>
>>> Can you help me sort the gidNumber?
>>
>> This would be significantly less frustrating for all of us if you would
>> attempt debugging the source yourself.
>>
>> I'm sure this isn't a difficult bug to solve, so why not give it a go.
>>
>> Some starting hints:
>>   - git grep gidNumber
>
> Hi Andrew
> OK. I take your point. I really should have gone with K&R.
>
> I've found the file responsible for the uidNumber and gidNumber at:
> source4/winbind/idmap.c
>
> Try as I may as I cannot see why uidNumber works and gidNumber doesn't.
>
> Can any C coder help me by have a look at it before I go to:
>
>>   - increase debug level to cover any existing, relelvent debug
>> statements
>>   - Add debug statements to cover the full flow control of any 
>> apparently
>> relevant functions:
>>     DEBUG(0, ("debug message"));
>>   - start samba under gdb using :
>>     gdb --args samba -i -M single
>>   - use samba_start_debugger() to launch gdb under particular conditions
>>
>> I know you have said this is beyond you, but I do believe this is a
>> skill you can learn.
>>
>> Andrew Bartlett
>>
> Cheers,
> Steve
Hi,

I've checked the idmap.c and users and groups are treated equal, so it 
is not the reason to have it behaving like you described.

What would be worth checking: if you have the objectClass: posixGroup 
with the failing groups.

Regards

Geza