[Samba] username map Solaris 10 11/08 using Sun DS 5.x ldap for authentication

Andrew Chaplin chaplina+samba at canisius.edu
Tue Feb 3 18:18:38 GMT 2009

This has been resolved using idmap backend = nss.

Thanks to Glenn Machin for pointing me in the right direction.

We don't require username mapping as the accounts are the same in AD
and DS.

Andrew Chaplin wrote:
> Here's the configuration:
>     OS: Solaris 10 11/08
>     OS Authentication: Sun Directory Server 5.x
>     Samba: v3.0.32 included with Solaris 10 11/08
>     Samba auth: Windows 2003R2 AD
> Using a Windows XP client authenticated against AD mounting of home 
> directories works fine and I'm able to perform create/modify/delete ops 
> on files/directories in the home directory and files/directories which 
> are created have the proper uid/gid associated with the user.
> If I try to modify the permissions for a file/directory from XP, samba 
> complains about not being able to map a SID to a uid/gid.
> Windows 2003R2 AD has the RFC2307 schema preloaded.  If I populate user 
> accounts with their respective uid/gid, will that resolve the mapping 
> error?  Am I going to run into problems with winbind?
> Are there other options?
> Note that it is essential that LDAP and AD maintain consistent uid/gid 
> per user/group.

More information about the samba mailing list