[Samba] Using idmap backend = ad

Anton Brinyov bas at kurskpribor.ru
Wed Nov 7 15:21:24 GMT 2007

Good day!

I have AD on Win2003 Server with Services For UNIX 3.5.
When I try to set idmap backend = ad and type

# id <domain_user_name>

I get in log.winbindd-idmap following:

[2007/11/07 18:09:18, 1] nsswitch/idmap_ad.c:idmap_ad_sids_to_unixids(613)
   Could not get unix ID

AD user has SFU UID 20000000.

wbinfo -u prints correct lists of domain users,
and when using idmap bakend = tdb winbind assign UID for users.

Best regards
Anton Brinyov.

P.S. Some configs:

         dos charset = cp866
         unix charset = koi8-r
         display charset = koi8-r
         workgroup = MYDOMAIN
         realm = MYDOMAIN.RU
         server string = myserv
         security = ADS
         password server = ALPHA.MYDOMAIN.RU BETA.MYDOMAIN.RU
         log file = /var/log/samba/log.%m
         max log size = 50
         socket options = SO_RCVBUF=8192 SO_SNDBUF=8192
         local master = No
         ldap ssl = no
         idmap uid = 16777216-33554431
         idmap gid = 16777216-33554431
         template shell = /bin/csh
         winbind separator = +
         winbind use default domain = Yes
         winbind nss info = template sfu
         idmap backend = ad
         inherit acls = Yes
         map acl inherit = Yes
         store dos attributes = Yes
#       debug level = 10

         comment = Home Directories
         read only = No
         browseable = No

group: files winbind
group_compat: nis
hosts: files dns
networks: files
passwd: files winbind
passwd_compat: nis
shells: files

More information about the samba mailing list