[Samba] ldapsam_compat - join workstation to domain problem

Tirone Nel tironen at clubtech.co.za
Tue Oct 7 11:53:27 GMT 2003

Hi there

I am using Samba 3.0 release with the ldapsam_compat backend until we are
ready to migrate to the new LDAP samba schema.  Using the same "root" LDAP
user (and smbldap-tools) that Samba 2.28 allowed me to add workstations to
the domain successfully, I receive a new error - "No mapping between account
names and security IDs was done".  When I switch to the domain running on
Samba 2, it then joins the user perfectly.

I have used the smb-ldap-3-howto as my guideline.  The LDAP "root" user's
uidNumber and gidNumber are both 0.  The primaryGroupID is 512 and the rid
is 1000 (I even tried using the name "Administrator" as per the
aforementioned howto, but that made no difference anyway).

I have mapped the group - [localsid]-512 to the "admins" group (gidNumber
0).  I even tried mapping the group [localsid]-1001 to admins group too, but
got the same error.

I am at my wit's end, as I have scoured google, the Samba mailing lists, the
howto's, documentation, etc, and have found no record of this existing
error.  What could the problem be?

On a side note, I did run a test after converting to a ldapsam v3 and ended
up with the same error!  So it's not the fact that I'm using ldapsam_compat.
I have tried adding multiple workstations and it is not caused from any
capital letters (as per the same error message appearing apparently in some
Samba 2.x setups).

Tirone Nel
Systems Administrator
Club Technology

More information about the samba mailing list