[Samba] winbindd/idmap_ldap.c:472(idmap_ldap_allocate_id) Cannot allocate gid above 20000!
Jelle de Jong
jelledejong at powercraft.nl
Thu Dec 22 01:50:31 MST 2011
On 19/12/11 19:10, Jelle de Jong wrote:
> On 19/12/11 11:22, Jelle de Jong wrote:
>> On 23/05/11 13:37, Jelle de Jong wrote:
>>> I got a few servers that where running stable and somehow winbindd
>>> started complaining. There were no users added or any samba related
>>> updates. Also the problems did not started on the same day one of the
>>> servers started today and on other one months ago...
>>>
>>> winbindd[14450]: [2011/05/23 13:33:13.442070, 0]
>>> winbindd/idmap_ldap.c:472(idmap_ldap_allocate_id)
>>> winbindd[14450]: Cannot allocate gid above 20000!
>>>
>>> # winbindd --version
>>> Version 3.5.6
>>
>> I am still having these errors and I keep increasing the values:
>>
>> idmap uid = 10000-60500
>> idmap gid = 10000-60500
>>
>> I started with 20000 and I am now on 60500...
>>
>> Dec 19 11:01:15 stayce winbindd[23861]: [2011/12/19 11:01:15.569602, 0]
>> winbindd/idmap_ldap.c:472(idmap_ldap_allocate_id)
>> Dec 19 11:01:15 stayce winbindd[23861]: Cannot allocate gid above 60500!
>>
>> # winbindd --version
>> Version 3.5.6
>
> I found the following:
>
> samba (2:3.5.8~dfsg-1) unstable; urgency=low
> * New upstream release. This fixes the following bugs:
> - Winbind leaks gids with idmap ldap backend (upstrem #7777)
> Closes: #613624
>
> Upgraded to:
>
> # winbindd --version
> Version 3.5.11
>
> Hopefully this will fix my issues.
Sadly this didn't work!! A few days later the problem started again...
stayce:~# grep "Cannot allocate gid above" /var/log/syslog
Dec 22 07:28:15 stayce winbindd[26373]: Cannot allocate gid above 61000!
Dec 22 07:28:15 stayce winbindd[26373]: Cannot allocate gid above 61000!
Dec 22 07:29:53 stayce winbindd[26373]: Cannot allocate gid above 61000!
<snip>
Dec 22 09:31:40 stayce winbindd[26373]: Cannot allocate gid above 61000!
stayce:~# winbindd -V
Version 3.5.11
stayce:~# smbd -V
Version 3.5.11
stayce:~# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[documenten]"
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[profiles]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
[global]
workgroup = company
netbios name = SERVER
passdb backend = ldapsam
log file = /var/log/samba/log.%m
smb ports = 445
time server = Yes
load printers = No
printcap name = /dev/null
disable spoolss = Yes
logon script = netlogon.bat
logon path = \\%N\profiles\%U
domain logons = Yes
preferred master = Yes
domain master = Yes
dns proxy = No
ldap admin dn = cn=admin,dc=company,dc=nl
ldap delete dn = Yes
ldap group suffix = ou=groups
ldap idmap suffix = ou=idmap
ldap machine suffix = ou=computers
ldap passwd sync = yes
ldap suffix = dc=company,dc=nl
ldap ssl = no
ldap user suffix = ou=users
usershare max shares = 0
usershare path = /srv/storage/shares
panic action = /usr/share/samba/panic-action %d
idmap backend = ldap:ldap://localhost/
idmap alloc backend = ldap
idmap uid = 10000-61000
idmap gid = 10000-61000
template homedir = /srv/storage/shares/
template shell = /bin/bash
ldapsam:trusted = yes
ldapsam:editposix = yes
idmap alloc config : ldap_url = ldap://localhost/
idmap alloc config : ldap_base_dn = ou=idmap,dc=company,dc=nl
idmap alloc config : ldap_user_dn = cn=admin,dc=company,dc=nl
printing = bsd
print command = lpr -r -P'%p' %s
lpq command = lpq -P'%p'
lprm command = lprm -P'%p' %j
[documenten]
path = /srv/storage/shares
read only = No
inherit acls = Yes
map acl inherit = Yes
hide unreadable = Yes
store dos attributes = Yes
vfs objects = recycle
recycle:keeptree = Yes
recycle:versions = Yes
recycle:touch_mtime = Yes
[homes]
comment = Home Directories
path = /srv/storage/samba/homes/%U
read only = No
inherit acls = Yes
map acl inherit = Yes
store dos attributes = Yes
browseable = No
root preexec = /usr/local/bin/samba-mkdir-home %U
[netlogon]
comment = Network Logon Service
path = /srv/storage/samba/netlogon
read only = No
inherit acls = Yes
map acl inherit = Yes
store dos attributes = Yes
browseable = No
[profiles]
comment = Users profiles
path = /srv/storage/samba/profiles
read only = No
inherit acls = Yes
profile acls = Yes
map acl inherit = Yes
store dos attributes = Yes
browseable = No
Can somebody help me?
Kind regards,
Jelle de Jong
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20111222/0e195c3e/attachment.pgp>
More information about the samba
mailing list