[Samba] Winbind/idmap_nss search request to LDAP

Pere Rodríguez pere.rodriguez.rodriguez at gmail.com
Mon Feb 16 14:11:06 GMT 2009


I have a PDC and BDC servers with an OpenLDAP backend. It works fine
for a 500 users office.

I also have some servers with LDAP NSS and PAM and Samba with
idmap_nss backend. It also works fine. The configuration for theses
servers is:


    workgroup = AURORA
    idmap domains = AURORA
    idmap config AURORA:backend = nss
    idmap config AURORA:readonly = yes
    winbind use default domain = no

Now, I have detected that when winbind/idmap_nss it searches
 a user in the LDAP it is doing 3 search requests:

1.- Filter: (&(objectClass=posixAccount)(uid=aurora\5972)) -> 0 results

2.- Filter: (&(objectClass=posixAccount)(uid=AURORA\5972)) -> 0 results

3.- Filter: (&(objectClass=posixAccount)(uid=5972)) -> 1 result

The searches 1 and 2 are incorrect because the user id (uid) doesn't
have the domain name in the uid.

How must I configure SAMBA/NSS to do only one search request (the
third search [uid=5972])?

Thanks in advance,


More information about the samba mailing list