[Samba] idmap backend problems
Maarten de Boer
mdeboer at iua.upf.es
Fri Mar 4 14:18:44 GMT 2005
Hello,
I am trying out Samba + Winbind + NSS + CIFS in a test environment,
which currently consists of a PDC, a fileserver, and a client, all with
samba 3.0.11
I got everything working more or less, but noticed that the uid's are
different on the fileserver and on the client (resulting in erroneous
file ownership on the cifs mount). This is also very obvious when doing
a getent passwd.
The [global] portion in the smb.conf file on fileserver and client:
[global]
winbind separator = +
realm = testwg
workgroup = testwg
encrypt passwords = true
password server = testpdc
security = DOMAIN
idmap uid = 10000-65000
idmap gid = 10000-65000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
allow trusted domains = No
unix extensions = yes
After reading the docs, I get the impression that I should use a idmap
backend to have consistent uid's. Am I correct?
I don't have an LDAP server, and I'd prefer not to add another service
to the chain, so I recompiled samba with
--with-shared-modules=idmap_rid
and tried adding
idmap backend = idmap_rid:TESTWG=1000-50000000
to both the fileserver and client smb.conf files. This breaks uid mapping.
in log.winbindd, i got lots of entries like:
[2005/03/04 14:21:08, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(50)
error getting user id for sid S-1-5-21-1893565685-1185636268-3552291067-3110
[2005/03/04 14:21:08, 1] nsswitch/winbindd_user.c:winbindd_getpwent(566)
could not lookup domain user
Any idea?
Maarten
More information about the samba
mailing list