[Samba] Winbind + LDAP Idmap backend finally running!

Gerald (Jerry) Carter jerry at samba.org
Thu Nov 6 22:03:34 GMT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bernd Waldboth wrote:
| After many hours of trial and error I finally managed to get my Winbind
| server with Ldap Idmap backend up and running. I even had to go through
| parts of the sources but finally I found out what the reason was why my
| LDAP db never was updated.
|
| The problem was that at some point the uid/gid to sid mapping function
| referred to the "ldap idmap suffix" and at other times to "ldap group
| suffix" entries in the smb.conf (the exact name of the function is
| ldap_get_id_from_sid).
|
| The solution was to point both "ldap idmap suffix" and "ldap group
| suffix" (and to be sure also "ldap user suffix" and "ldap machine
| suffix") in the smb.conf to the desired idmap ou. I don't know if this
| was the desired behavior or not.
|
| Another thing I found out was that I had to remove the "ldap suffix"
| entry.
|
| I hope I could help someone with the same problem.

Would you mind trying the patch got bug #680
at https://bugzilla.samba.org/ and amke sure it doesn't
break things for you?

I'm about to change something here but I want to get some
testing on it first.



cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/qsU2IR7qMdg1EfYRAiI0AKC1km4v78bSwzQPE6Rko++rYKqaEgCfY2me
LPLqkHyHIZDTAEef87LZh2g=
=9DoO
-----END PGP SIGNATURE-----




More information about the samba mailing list