[Samba] Samba ADS on AIX 6.1 TL04

[Yashpal Nagar]

Hi All

I'm trying to intergrate samba server with ADS on AIX 6.1 TL04, for last one
week, with idmap / winbind but no satisfactory results. I have gone through
various links at samba.org relating to winbind, idmapper and followed
http://pware.hvcc.edu/  for precompiled binaries and
http://pware.hvcc.edu/AIX-Samba.pdf which is for AIX 6.1 TL03 though.

I have found the samba which is provided by IBM with expansion pack doesn't
have support for ADS. The binaries I have tried with is both 32 bit and
64bit of samba, neither of them has worked for me. ADS join is ok, I am able
to see all good ouput for wbinfo -t/-m/-p etc.

I have copied the WINBIND module under /usr/lib/security and changed
/usr/lib/security/methods.cfg
as
WINBIND:
        program = /usr/lib/security/WINBIND
        options = authonly

the /etc/security/user the default stanza with

SYSTEM = "WINBIND OR compat"

The errors I have repeatedly encountered is --
Could not trigger lookup sid
sid2gid returned an error
Could not lookup name for user MYDOMAIN\USER1

Some other errors are
Error GID range is full!!

No matter I removed *.tdb files, specified new ranges etc, this GID error
persistenly appears. I have reached to the point where user autentication is
successful but sid to gig mapping doesn't work, or lookup for that AD user
fails. The AD seems to be OK , as another server AIX 5.2 is already working
with samba compiled with ADS support.

What I would like to know.
1. How do we compile samba from scratch, I tried 3.5.2 , ./configure was OK,
but this didn;t created any makefile! , I understand I need to
compile kerbros , db, openldap before compiling samba, which version of the
dependent software (kerbros, db, openldap) be used?
2. How can I resolve this GID range full error.
3. what shall be done to have sid to gid mapping.

Best Regards,
Yash