[Samba] idmap_ad Integration with Windows 2003 pre-R2

S Murthy Kambhampaty smk_va at yahoo.com
Fri Jun 22 15:42:40 GMT 2007

Simo, thanks for the info on the configuration syntax.  

I'm still uncertain whether the rfc2307-related AD schema extensions in Windows 2003  are  compatible with Samba, or  the  R2 schema update is needed.  When I  use idmap_ad in our Win2k3 environment, on `getent passwd` winbind logs an error of  "ads_check_posix_schema_mapping: failed NT_STATUS_NONE_MAPPED" at  libads/ldap_schema.c:ads_check_posix_schema_mapping(243), which suggests that the AD schema does not have the particular uid/gid attribs that winbind is looking for.  Could this be due to differences in the schema between the pre-R2 and R2 versions of the AD schema in Win 2k3?


----- Original Message ----
From: simo <idra at samba.org>
To: S Murthy Kambhampaty <smk_va at yahoo.com>
Cc: samba at lists.samba.org
Sent: Friday, June 22, 2007 10:28:29 AM
Subject: Re: [Samba] idmap_ad Integration with Windows 2003 pre-R2

On Thu, 2007-06-21 at 10:55 -0700, S Murthy Kambhampaty wrote:
> Is then new idmap_ad module capable of getting uid/gid info from a Windows 2003 AD pre-R2 with RFC2307 Unix Identity Mapping Extensions applied?
> Also, is the correct syntax for specifying the schema_mode as follows:
>  idmap config dom.example.com:schema_mode = rfc2307

Right now we support only the short domain name, not the FQDN domain name,
all the rest is like you said.


> Simo Sorce
> Samba Team GPL Compliance Officer
> email: idra at samba.org
> http://samba.org

Never miss an email again!
Yahoo! Toolbar alerts you the instant new Mail arrives.

More information about the samba mailing list