[PATCH] New idmap module idmap_rfc2307
Christof Schmitt
christof.schmitt at us.ibm.com
Fri Jun 22 09:27:48 MDT 2012
steve <steve at steve-ss.com> wrote on 06/22/2012 03:10:17 AM:
> Hi Christof
> I just tested the
> idmap config DOMAIN : backend = rfc2307
> on the latest git from today.
>
> Under s3fs it doesn't seem to work. If a user creates a file in windows,
> the uidNumber and gidNumber come from idmap, not from the directory.
>
> Under NFS on Linux clients everything works fine. All the rfc2307
> classes and attributes are exactly those set in the s4 LDAP directory,
> pulled via nss.
>
> Maybe I have missed something?
Hi Steve,
it is hard to say without traces. Can you run with log level 10
and check the logfiles (e.g. log.winbindd-idmap)? If you post the
traces, it would be useful to also see the Samba config.
You could also try to lookup mappings with wbinfo first before
using the file server.
Some things that come to mind are:
- You have to restart winbindd after the config change.
- The required attributes for the user records are uidNumber and
uid and for the groups cn and gidNumber.
- You need a valid group mapping for the primary group.
- If you get wrong mappings, they might come from the winbind
cache. Run 'net cache flush' to clear the cache.
Regards,
Christof Schmitt || IBM || SONAS System Development || Tucson, AZ
christof.schmitt at us.ibm.com || +1-520-799-2469 (T/L: 321-2469)
More information about the samba-technical
mailing list