[Samba] Mapping User from ADS

Student2 SIM SIM.Student2 at FFM.SBS.DE
Fri Jun 27 06:56:40 GMT 2003


Hi folks,

I'm using Samba 3beta running on RH 8.0 and I'd like to authentificate against a Microsoft AD. This all works very well, except that not all AD User are mapped to my Unixbox!

When starting getent passwd, my UnixBox shoiws just my User from passwd and some of the AD User - not all!! Looking through my User with the command wbinfo -u all AD user are shown correctly!

Anybody knowing any workaround?

Attached I'm sending my setups.

Sascha

my smb.conf:

[global]
        workgroup = ***
        realm = *****
        ADS server = DE4A068C.ffm.sbs.de
        server string = Samba ADS
        security = ADS
        password server = *****
        #passdb backend = smbpasswd
        algorithmic rid base = 100000
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        encrypt passwords = yes
        log file = /usr/local/samba/var/%m.log
        log level = 10
        max log size = 100000
        domain logons = yes
        ldap ssl = no
        idmap uid = 1000-200000
        idmap gid = 1000-200000
        template shell = /bin/false
        template homedir = /home/%D/%U
        winbind cache time = 1
        #'winbind gid = 20001 - 30000
        #winbind uid = 20001 - 30000
        winbind separator =*
        winbind enum groups = yes
        winbind enum users = yes
        unix password sync = Yes

extract from winbindd.log when trying getent passwd - User Sascha is shown but mapping ofHugo fails!


[2003/06/26 14:04:39, 1] nsswitch/winbindd_user.c:winbindd_getpwent(511)
  could not lookup domain user hugo
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(219)
  sid_to_uid: sid = [S-1-5-21-484763869-1563985344-1343024091-1313]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(245)
  sid_to_uid: Fall back to algorithmic mapping
[2003/06/26 14:04:39, 3] sam/idmap_util.c:sid_to_uid(248)
  sid_to_uid: SID S-1-5-21-484763869-1563985344-1343024091-1313 is *NOT* a user
[2003/06/26 14:04:39, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(46)
  error getting user id for sid S-1-5-21-484763869-1563985344-1343024091-1313

[2003/06/26 14:04:39, 1] nsswitch/winbindd_user.c:winbindd_getpwent(511)
  could not lookup domain user sascha
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(219)
  sid_to_uid: sid = [S-1-5-21-484763869-1563985344-1343024091-1337]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_uid(231)
  sid_to_uid: uid = [10006]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_gid(277)
  sid_to_gid: sid = [S-1-5-21-484763869-1563985344-1343024091-513]
[2003/06/26 14:04:39, 10] sam/idmap_util.c:sid_to_gid(289)
  sid_to_gid: gid = [30000]




More information about the samba mailing list