[Samba] The 'nobody' account (mapping not found for gidNumber: 99) - Solution!

Ian Clancy clancyian at cel.ie
Thu May 5 20:01:25 GMT 2005

Ian Clancy wrote:

> Hi,
> I am using a samba domain controller with an LDAP backend. I am also 
> using samba domain controllers with this setup similar to those 
> described in the 'Domain Members, Updating Samba and Migration' 
> chapter of the Samba By Example book.
> On the domain member servers winbind stores the UID<->SID in the Idmap 
> section of the directory. This appears to be working correctly, 
> however i think there is a problem with the nobody account that is 
> present on the local system (in /etc/passwd) and the nobody account in 
> the Directory (as created by smbldap-populate). I see the following 
> entry reported in log.winbindd
>> [2005/05/05 00:18:25, 0] sam/idmap_ldap.c:ldap_get_sid_from_id(525)
>>   ldap_get_sid_from_id: mapping not found for gidNumber: 99
> I understand the winbind does not like the fact that there are two 
> nobody accounts on the system. Does anybody know a workaround for this 
> problem ?. I don't think it is a good idean to delete either of the 
> acounts.
> Any idea's, comments welcome  ?
> Thanks
Hi again,
Don't want to get into a habit of replying to my own emails but for the 
sake of closure i've found the solution to this little problem. Turns 
out you need to add the following line to smb.conf :

username map = /etc/samba/smbusers

The contents of the smbuser file :

nobody = guest pcguest smbguest

Maybe this will be of some use to somebody googling for an answer in the 

Ian Clancy
IT Systems Engineer
Connaught Electronics Ltd.
Dunmore Rd,
Co. Galway,

P : ++353 93 23151
F : ++353 93 23110
E : mailto:clancyian at cel.ie
W : http://www.cel-europe.com

More information about the samba mailing list