[Samba] Unable to locate SID, possible problem with Idmap?

[Jason Baker]

I am running Samba as a PDC with an LDAP backend and all is working 
good, except now I am trying to set up a Samba Domain Member server with 
shares on it that will be authenticated via the PDC, but for some reason 
it is not working. One interesting thing I notice is that when I run 
pdbedit -Lv on the PDC I get results like this:

    Unix username:        test
    NT username:          test
    Account Flags:        [U          ]
    User SID:             S-1-5-21-1194936901-2368177035-684874509-3020
    init_group_from_ldap: Entry found for group: 513
    ldapsam_getsampwsid: Unable to locate SID
    [S-1-5-21-1194936901-2368177035-684874509-513] count=0
    init_group_from_ldap: Entry found for group: 513
    Primary Group SID:    S-1-5-21-1194936901-2368177035-684874509-513
    Full Name:            Test Account
    <snip>

Notice the line /ldapsam_getsampwsid: Unable to locate SID 
[S-1-5-21-1194936901-2368177035-684874509-513] count=0, /is that a 
problem or is it normal behavior?

I was able to join the Member Server to the domain, but I cannot see the 
users and groups from LDAP using getent. I tried setting it up with NSS 
and also with Winbind and neither seems to work. Any thoughts?

-- 

*Jason Baker
*/IT Coordinator/


*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>