[Samba] Samba, AIX and Winbind

Carlos Eduardo Pedroza Santiviago segfault at gmail.com
Wed Aug 9 14:31:49 GMT 2006


I'm having some problems in the following situation:

- a SLES9 PDC (Samba/OpenLDAP)
- a IBM NAS500 Gateway, supposed to be a storage with SMB features,
but Samba is far better than that

I've got Samba 3.0.23 working, and i can see my LDAP users/groups
(through aix native ldap client -- i mean, the "id" command returns
every user found in the base).

However, i'm not able to assign new permissions to my folders, since i
get this error:

create_canon_ace_lists: unable to map SID
S-1-5-21-112207604-471413004-518595180-18138 to uid or gid.

I was told that i needed to use winbindd, and that really worked
(thanks Idra), BUT, that raises another problem: since i have to
specify idmap ranges for uid/gid, i lost my unique uid stored in the
LDAP base.

I've tried to use idmap "backend = ldap:ldap://myserver", but, i still
have to specify those ranges, otherwise i get this error:

[2006/08/09 10:49:59, 0] nsswitch/winbindd_util.c:winbindd_param_init(787)
  winbindd: idmap uid range missing or invalid
[2006/08/09 10:49:59, 0] nsswitch/winbindd_util.c:winbindd_param_init(788)
  winbindd: cannot continue, exiting.
[2006/08/09 10:49:59, 1] nsswitch/winbindd.c:main(986)
  Could not init idmap -- netlogon proxy only

Finally, Some questions:
- Why do i have to still specify idmap ranges when using backend = ldap?
- Does winbindd ldap support work with OpenLDAP?
- Has anyone been able to do something like this? I mean, using a
unique UID across multiple environments?


More information about the samba mailing list