Samba4: idmap replication between 2 DC's
Sergey Urushkin
urushkin at telros.ru
Thu Jul 19 05:55:00 MDT 2012
13.07.2012 11:49, Andrew Bartlett пишет:
> On Fri, 2012-07-13 at 09:03 +0200, steve wrote:
>
>> Summary,
>> idmap_ldb:use rfc2307 = yes
>> uidNumber in AD works
>> gidNumber in AD does not work
>>
>> Can you help me sort the gidNumber?
> This would be significantly less frustrating for all of us if you would
> attempt debugging the source yourself.
>
> I'm sure this isn't a difficult bug to solve, so why not give it a go.
>
> Some starting hints:
> - git grep gidNumber
> - increase debug level to cover any existing, relelvent debug
> statements
> - Add debug statements to cover the full flow control of any apparently
> relevant functions:
> DEBUG(0, ("debug message"));
> - start samba under gdb using :
> gdb --args samba -i -M single
> - use samba_start_debugger() to launch gdb under particular conditions
>
> I know you have said this is beyond you, but I do believe this is a
> skill you can learn.
>
> Andrew Bartlett
>
Hi!
This problem affects me too. After some investigation I found where the
problem is, here is the patch that fixes it:
--- a/source4/winbind/idmap.c 2012-06-21 12:54:38.000000000 +0400
+++ b/source4/winbind/idmap.c 2012-07-19 15:41:31.039544144 +0400
@@ -458,7 +458,7 @@
goto failed;
} else if (ret == LDB_SUCCESS) {
uint32_t account_type = ldb_msg_find_attr_as_uint(sam_msg,
"sAMaccountType", 0);
- if (account_type & ATYPE_ACCOUNT) {
+ if (account_type == ATYPE_ACCOUNT) {
const struct ldb_val *v = ldb_msg_find_ldb_val(sam_msg,
"uidNumber");
if (v) {
unixid->type = ID_TYPE_UID;
Steve, could you test it?
Thanks.
--
Best regards,
Sergey Urushkin
More information about the samba-technical
mailing list