[PATCH] New idmap backend that generates id's the way OS X does

Ralph Böhme slow at samba.org
Sun Oct 2 16:19:17 UTC 2016 

Hi John,

On Fri, Sep 30, 2016 at 10:40:42AM -0700, John Hixson wrote:
> On Wed, Sep 21, 2016 at 02:16:12PM -0700, Ralph Böhme wrote:
> > On Wed, Sep 21, 2016 at 04:01:27AM -0700, John Hixson wrote:
> > > On Tue, Sep 20, 2016 at 09:54:20AM -0700, Ralph Böhme wrote:
> > > > Hi John
> > > > 
> > > > On Tue, Sep 20, 2016 at 07:13:51AM -0700, John Hixson wrote:
> > > > > I wrote this for FreeNAS and want to know if you guys can use it?
> > > > 
> > > > Does this actually work at all? To me it looks like in
> > > > idmap_fruit_unixids_to_sids() you're missing to prime the synthesized
> > > > SIDs in the struct id_map array.
> > > 
> > > Yes, it actually works. Can you elaborate more on this?
> > 
> > well, maybe I'm to stupid due to attending SDC and still recovering
> > from jetlag (and Bennigan's), but with the patchset you posted (infact
> > just applying patch 3/3) this is what I get:
> 
> Hi Ralph,
> 
> I've been away at a conference as well (EuroBSDCon). The assumption here
> is that you are joined to an Active Directory. Are you?

sure, the member server is running Samba git master HEAD, the AD
server is a Samba AD also running git master HEAD.

Can you please check and ensure you posted the right patchset? Afaict
the one you posted just can't work, because it builds LDAP queries
filtering by SID S-0-0, eg:

> > slow at member1:~/samba/master$ sudo ./bin/wbinfo -U 2002901632
> > failed to call wbcUidToSid: WBC_ERR_DOMAIN_NOT_FOUND
> > Could not convert uid 2002901632 to sid
> > 
> > Log:
> > 
> > [2016/09/21 13:15:46.668334,  1, pid=12118, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:450(ndr_print_function_debug)
> >        wbint_UnixIDs2Sids: struct wbint_UnixIDs2Sids
> >           in: struct wbint_UnixIDs2Sids
> >               domain_name              : *
> >                   domain_name              : 'hillhouse'
> >               num_ids                  : 0x00000001 (1)
> >               xids: ARRAY(1)
> >                   xids: struct unixid
> >                       id                       : 0x7761da80 (2002901632)
> >                       type                     : ID_TYPE_UID (1)
> > [2016/09/21 13:15:46.668370, 10, pid=12118, effective(0, 0), real(0, 0), class=idmap] ../source3/winbindd/idmap.c:509(idmap_find_domain)
> >   idmap_find_domain called for domain 'hillhouse'
> > [2016/09/21 13:15:46.668382,  7, pid=12118, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_ads.c:62(ads_cached_connection_reuse)
> >   Current tickets expire in 35887 seconds (at 1474524833, time is now 1474488946)
> > [2016/09/21 13:15:46.669477,  5, pid=12118, effective(0, 0), real(0, 0)] ../source3/libads/ldap_utils.c:81(ads_do_search_retry_internal)
> >   Search for (|(&(|(sAMAccountType=805306368)(sAMAccountType=805306369)(sAMAccountType=805306370))(|(objectSid=S-0-0)))) in <dc=HILLHOUSE,dc=SITE> gave 0 replies

                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

How is this supposed to work?

Cheerio!
-slow

More information about the samba-technical mailing list