[Samba] Problem with Samba-3.0.25rc3 & idmap_ldap (winbind dumps core)

idra at samba.org idra at samba.org
Wed May 2 19:34:16 GMT 2007

On Tue, May 01, 2007 at 02:49:10AM -0500, Don Meyer wrote:

> Then I traced the secret retrieval process back to passdb/secrets.c, 
> where I then traced the secrets_store_generic function back out to 
> the 'net idmap secret' command.   For others reference, to set the 
> ldap_user_dn password for each defined domain, and for the idmap 
> alloc config side, you use the following commands:
> net idmap secret <DOMAIN> <secret>
> net idmap secret alloc <secret>
> (Note:  A little pointer dropped in the man page for idmap_ldap would 
> have been quite helpful here...)

There is a note in the man pages that say:


	In order to use authentication against ldap servers you may need to
	provide a DN and a password. To avoid exposing the password in plain
	text in the configuration file we store it into a security store. The
	"net idmap " command is used to store a secret for the DN specified in a
	specific idmap domain. 



> I'm having trouble tracing this beyond the idmap_init function in 
> nsswitch/idmap.c.
> If this points to a problem in samba, I hope this helps.   On the 
> other hand, if this is a problem in my setup, any pointers in the 
> direction of fixing it would be greatly appreciated.

A core dump is definitively an issue, I will try to reproduce and fix it
today on my train trip or at worst tomorrow.


Simo Sorce       idra at samba.org
Samba Team http://www.samba.org

More information about the samba mailing list