[Samba] Unable to locate SID, possible problem with Idmap?
Gerald (Jerry) Carter
jerry at samba.org
Fri Jan 19 14:42:24 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jason,
> I am running Samba as a PDC with an LDAP backend and all
> is working good, except now I am trying to set up a Samba
> Domain Member server with shares on it that will be
> authenticated via the PDC, but for some reason
> it is not working. One interesting thing I notice is
> that when I run pdbedit -Lv on the PDC I get results like this:
>
> Unix username: test
> NT username: test
> Account Flags: [U ]
> User SID: S-1-5-21-1194936901-2368177035-684874509-3020
> init_group_from_ldap: Entry found for group: 513
> ldapsam_getsampwsid: Unable to locate SID
> [S-1-5-21-1194936901-2368177035-684874509-513] count=0
> init_group_from_ldap: Entry found for group: 513
> Primary Group SID: S-1-5-21-1194936901-2368177035-684874509-513
> Full Name: Test Account
> <snip>
>
> Notice the line /ldapsam_getsampwsid: Unable to locate SID
> [S-1-5-21-1194936901-2368177035-684874509-513] count=0, /is that a
> problem or is it normal behavior?
It's probably fine if you don't have a mapping for Domain Users.
> I was able to join the Member Server to the domain, but I
> cannot see the users and groups from LDAP using getent. I
> tried setting it up with NSS and also with Winbind and
> neither seems to work. Any thoughts?
Make sure you updated the schema file and added the new index
as described in the release notes.
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFsNjQIR7qMdg1EfYRAnEmAJ9PRu3wGQFxnpHE2gGV8lV9Xgy+bwCg3JRC
1XmW1CM5h0WOphus40G/5SY=
=ojm7
-----END PGP SIGNATURE-----
More information about the samba
mailing list