idmap.rfc2307 flakey
Stefan Metzmacher
metze at samba.org
Fri Dec 8 16:32:32 UTC 2017
Hi,
I found part of the reason why idmap.rfc2307 is flakey.
The main difference is that the failing version doesn't have the
domain sids as member of builtin groups.
$ bin/tdbdump
/data/tmp/samba-master3.fail/ad_member_rfc2307/lockdir/group_mapping.tdb
|grep -A1 'MEMBEROF'
$ bin/tdbdump
/data/tmp/samba-master3.ok/ad_member_rfc2307/lockdir/group_mapping.tdb
|grep -A1 'MEMBEROF'
key(55) = "MEMBEROF/S-1-5-21-1335776168-1709816617-1386263926-513\00"
data(13) = "S-1-5-32-545\00"
--
key(55) = "MEMBEROF/S-1-5-21-1335776168-1709816617-1386263926-512\00"
data(13) = "S-1-5-32-544\00"
At join time libnet_join_add_dom_rids_to_builtins() hits the
NT_STATUS_PROTOCOL_UNREACHABLE case generated by pdb_create_builtin()
because winbindd is not running yet.
Can anyone explain how this is supposed to work?
What's the code patch where this is some times added and some times not???
metze
More information about the samba-technical
mailing list