[Samba] could not read attribute 'msSFU30UidNumber'
Joshua Rusch
samba at strongwords.org
Fri Oct 20 19:46:13 GMT 2006
Hi,
I'm using samba 3.0.23c, and having a bit of trouble getting it to play nice
with my active directory. I'm using Windows Small Business Server 2003 with
the SFU 3.5 NIS server/schema extensions installed. I have samba configured
to use ad as the idmap backend, and sfu for nss info.
When running getent passwd, only a few active directory users show up, and I
get lots of errors like this in my winbind log:
[2006/10/20 15:33:49, 1] sam/idmap_ad.c:ad_idmap_get_id_from_sid(309)
ad_idmap_get_id_from_sid: ads_pull_uint32: could not read attribute
'msSFU30UidNumber'
[2006/10/20 15:33:49, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(85)
error getting user id for sid S-1-5-21-1020778807-1917943211-1564386419-1158
[2006/10/20 15:33:49, 1] nsswitch/winbindd_user.c:winbindd_getpwent(711)
could not lookup domain user TestUser
wbinfo -u prints out all my users
wbinfo -g prints out all my groups
getent group prints out all my groups and their unix IDs
getent -r username seems to get the correct user group unix ids for all the
users, even the ones that don't see to be able to have their SID converted
to a UID.
Anyone have any ideas?
The most relevant section of my smb.conf is
encrypt passwords = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
idmap backend = ad
winbind enum users = yes
winbind enum groups = yes
winbind nss info = sfu
winbind use default domain = yes
winbind separator = #
Let me know what other information I can provide if I've left something
relevant out.
Thanks,
Josh
More information about the samba
mailing list