[Samba] Winbindd Error : Could not init idmap -- netlogon proxy only
mallapadi niranjan
niranjan.ashok at gmail.com
Mon Feb 20 07:44:34 GMT 2006
Hi list
I have samba 3.0.21 with LDAP version 2.2.13 on Redhat Enterprise Linux 4
enterprise server
kernel version 2.6.9-5 . smbldap-tools version 0.9.
in winbind.log i get the following errors
my domain msdpl.com
#################################################################
[2006/02/16 13:05:28, 0] lib/smbldap.c:smb_ldap_setup_conn(572)
ldap_initialize: Time limit exceeded
[2006/02/16 13:05:28, 1] lib/smbldap.c:another_ldap_try(1051)
Connection to LDAP server failed for the 15 try!
[2006/02/16 13:05:29, 0] lib/smbldap.c:smb_ldap_setup_conn(572)
ldap_initialize: Time limit exceeded
[2006/02/16 13:05:29, 0] sam/idmap.c:idmap_init(138)
idmap_init: failed to initialize remote backend!
[2006/02/16 13:05:29, 1] nsswitch/winbindd.c:main(1009)
Could not init idmap -- netlogon proxy only
##########################################################
my smb.conf file
######################################################
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
delete user script = /usr/local/sbin/smbldap-userdel "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%m"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u"
"%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u'
ldap delete dn = Yes
ldap ssl = no
ldap suffix = dc=msdpl,dc=com
ldap admin dn = cn=manager,dc=msdpl,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=People
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
ldap timeout = 50
idmap backend = ldap://192.168.129.20
idmap uid = 10000-20000
idmap gid = 10000-20000
map acl inherit = yes
winbind use default domain = yes
template shell = /bin/false
##################################################
I do have OU=idmap,
dn: ou=Idmap,dc=msdpl,dc=com
objectClass: organizationalUnit
objectClass: sambaUnixIDPool
ou: Idmap
i have ignored the above problem as started using it, but i need to have
nested groups
for which windbind should be working i believe,
how do i fix windbind without disturbing the current setup.
when i use the below commands, i get the following error
#############################################################
[root at msdpl lib]# net rpc group addmem mvc681team "DOM\mvc681nns"
Password:
Could not lookup up group member DOM\mvc681nns
Could not add DOM\mvc681nns to mvc681team: NT_STATUS_NONE_MAPPED
[root at msdpl lib]# net rpc group addmem mvc681team "medhapdc\mvc681nns"
Password:
Could not lookup up group member medhapdc\mvc681nns
Could not add medhapdc\mvc681nns to mvc681team: NT_STATUS_NONE_MAPPED
[root at msdpl lib]# net rpc group addmem mvc681team "mvc681nns"
Password:
Could not add mvc681nns to mvc681team: NT_STATUS_NO_SUCH_USER
[root at msdpl lib]# net rpc group addmem mvc681team "DOMAIN\mvc681nns"
Password:
Could not lookup up group member DOMAIN\mvc681nns
Could not add DOMAIN\mvc681nns to mvc681team: NT_STATUS_NONE_MAPPED
[root at msdpl lib]# net rpc group addmem mvc681team "msdpl.com\mvc681nns"
Password:
Could not lookup up group member msdpl.com\mvc681nns
Could not add msdpl.com\mvc681nns to mvc681team: NT_STATUS_NONE_MAPPED
[root at msdpl lib]# net rpc group addmem mvc681team "msdpl.com\mvc681nns"
Password:
Could not lookup up group member msdpl.com\mvc681nns
Could not add msdpl.com\mvc681nns to mvc681team: NT_STATUS_NONE_MAPPED
#############################################################
More information about the samba
mailing list