[Samba] Problem with Samba-3.0.25rc3 & idmap_ldap (winbind
dumps core)
simo
idra at samba.org
Thu May 3 12:37:54 GMT 2007
On Wed, 2007-05-02 at 19:34 +0000, idra at samba.org wrote:
> On Tue, May 01, 2007 at 02:49:10AM -0500, Don Meyer wrote:
> [...]
>
> > Then I traced the secret retrieval process back to passdb/secrets.c,
> > where I then traced the secrets_store_generic function back out to
> > the 'net idmap secret' command. For others reference, to set the
> > ldap_user_dn password for each defined domain, and for the idmap
> > alloc config side, you use the following commands:
> >
> > net idmap secret <DOMAIN> <secret>
> > net idmap secret alloc <secret>
> >
> >
> > (Note: A little pointer dropped in the man page for idmap_ldap would
> > have been quite helpful here...)
>
> There is a note in the man pages that say:
>
> NOTE
>
> In order to use authentication against ldap servers you may need to
> provide a DN and a password. To avoid exposing the password in plain
> text in the configuration file we store it into a security store. The
> "net idmap " command is used to store a secret for the DN specified in a
> specific idmap domain.
>
> From:
> http://www.samba.org/samba/docs/man/manpages-3/idmap_ldap.8.html
>
>
> [..]
>
> > I'm having trouble tracing this beyond the idmap_init function in
> > nsswitch/idmap.c.
> >
> >
> > If this points to a problem in samba, I hope this helps. On the
> > other hand, if this is a problem in my setup, any pointers in the
> > direction of fixing it would be greatly appreciated.
>
> A core dump is definitively an issue, I will try to reproduce and fix it
> today on my train trip or at worst tomorrow.
Dan, found the problem, it was our fault.
I fixed it in r22645.
Here
http://websvn.samba.org/cgi-bin/viewcvs.cgi?makepatch=1&rev=22645&view=rev
you can get the patch and apply it to test everything else is ok for
you.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org
http://samba.org
More information about the samba
mailing list