[Samba] Re: Re: UID and GID's
samba at agat.net
Fri Sep 10 21:52:45 GMT 2004
Le vendredi 10 Septembre 2004 23:17, Tom a écrit :
> Ok, I entered all that stuff in. I also created a samba user in AD and
> delegated control to the ou idmap to it.
> I did the "smbpasswd -w" command and entered all the entries I needed in
> Do I have to set up anything in the ldap.conf?
> it works kinda, I'm getting the following errors in my winbind.log file:
> [2004/09/10 16:25:27, 0] sam/idmap_ldap.c:ldap_allocate_id(413)
> ldap_allocate_id: single sambaUnixIdPool object not found
> What does it create in the ou Imap? Will I be able to see the entries when
> using the Active Directory MMC on the domain controllers?
you need to create your ldap with correct entries, I got them by using the
classical howto about using samba+ldap to be a domain server. you don't need
all entries in ldap, only the Idmap.
using ldapbrower, my Idmap is:
ou = Idmap
objectClass = organizationalUnit
objectClass = sambaUnixIdPool
this ldap tree is fully disconnected from AD, you won't see it in mmc.
> "wbinfo -u" works
> "getent passwd" doesn't work, well it only lists the /etc/passwd stuff
Normal, wbinfo uses winbind directly like doing a "net user", but getent
passwd will use the nsswitch.conf, and must be able to create all entries for
having a working system. as soon you will have a working ldap backend, getent
passwd will show you more entries (It will generate the maping at this time,
I like to do a "getent passwd" on server when I add some users to be sure
that all is working fine after adding some users.
More information about the samba