[Samba] LDAP/IDMAP/3.0.4
William Jojo
jojowil at hvcc.edu
Fri Jul 30 19:57:07 GMT 2004

I've written a program according to what I learned from all the docs and
John T.'s assessment of what I intended to do from an email about a month
back.

I've got everything in LDAP, *no* winbind is in use, and my ldap values from
[global] are:

    passdb backend = ldapsam:"ldap://ldap.hvcc.edu"
    ldap suffix = dc=hvcc,dc=edu
    ldap machine suffix = ou=People
    ldap user suffix = ou=People
    ldap group suffix = ou=Groups
    ldap idmap suffix = ou=Idmap
    ldap admin dn = cn=root,dc=hvcc,dc=edu
    idmap backend = ldap:ldap://ldap.hvcc.edu

But I'm stuck on joining the PC to the domain. I'm getting "No mapping
between account names and security IDs was done."

But from the logs, I can't seem to glean *which* mapping it's referring
to. I'm still looking and I'm sure it's something dreadfully ignorant on
my part. It is authing the root user properly because if I give the wrong
root password, it tells me so and the log reflects this as well.

I have an idmap entry for every user for every one of the seven domains we
have and I calculated all the rid values using the legacy algorithmic
method and populated the LDAP DIT with it all. Every sambaSamAccount is
also a posix and shadow account.

It loads perfectly, AIX is (surprisingly :-P ) happy and Samba seems truly
happy up until this point.

I'll keep digging, but if the experts have seen this and can suggest a
quick fix, I'd appreciate it. All hits I've found so far are relative to
2.2.

The only strange error I just found (while composing this email) is:

    [2004/07/30 15:51:07, 3] smbd/connection.c:yield_connection(76)
      yield_connection: tdb_delete for name failed with error Record does not exist.

Thank you!

Bill