[Samba] Re: Re: UID and GID's

Blindauer Emmanuel samba at agat.net
Fri Sep 10 21:52:45 GMT 2004

Le vendredi 10 Septembre 2004 23:17, Tom a écrit :
> Ok, I entered all that stuff in.  I also created a samba user in AD and
> delegated control to the ou idmap to it.
> I did the "smbpasswd -w" command and entered all the entries I needed in
> smb.conf
> Do I have to set up anything in the ldap.conf?
> it works kinda, I'm getting the following errors in my winbind.log file:
> [2004/09/10 16:25:27, 0] sam/idmap_ldap.c:ldap_allocate_id(413)
>   ldap_allocate_id: single sambaUnixIdPool object not found
> What does it create in the ou Imap? Will I be able to see the entries when
> using the Active Directory MMC on the domain controllers?
you need to create your ldap with correct entries, I got them by using the 
classical howto about using samba+ldap to be a domain server. you don't need 
all entries in ldap, only the Idmap.
using ldapbrower, my Idmap is: 

ou = Idmap
objectClass = organizationalUnit
objectClass = sambaUnixIdPool

this ldap tree is fully disconnected from AD, you won't see it in mmc.

> "wbinfo -u" works
> "getent passwd" doesn't work, well it only lists the /etc/passwd stuff
Normal, wbinfo uses winbind directly like doing a "net user", but getent 
passwd will use the nsswitch.conf, and must be able to create all entries for 
having a working system. as soon you will have a working ldap backend, getent 
passwd will show you more entries (It will generate the maping at this time, 
I like to do a "getent passwd" on server when I add some users to be sure 
that all is working fine after adding some users.


More information about the samba mailing list