[Samba] winbind user mapping problem
Lantukh Sergey
sergey.lantukh at docpath.com
Fri Dec 30 05:35:43 MST 2011
Good for you!
I can not say it is logical or not.
Maybe in another version works differently...
Which version are you using?
On 30/12/2011 13:24, Bruno Martins wrote:
> It solved my problem! Now, new users get allocated right. But why did
> this happen?
>
> By the way, is it normal that previously mapped users keep with the
> old UID, and newly mapped ones get the UID in the now defined UID
> range?
>
> Best regards,
>
> Bruno Martins
>
> On Fri, Dec 30, 2011 at 12:14 PM, Lantukh Sergey
> <sergey.lantukh at docpath.com> wrote:
>> The database is here (in Linux/Debian):
>> /var/lib/samba/winbindd_idmap.tdb
>> try to just delete (move/rename) it and then restart winbind.
>> But do not forget about BACKUP!
>>
>> I had this problem and this solution helped me
>>
>> In AD there are not only users but also as a special accounts like krbtgt
>> and groups and more...
>>
>>
>> On 30/12/2011 13:00, Bruno Martins wrote:
>>> Hello mate,
>>>
>>> Thanks for your answer. How can I do that?
>>>
>>> I've noticed this:
>>> root at sputnik:/var/lib/samba# wbinfo -u | wc -l
>>> 140
>>>
>>> root at sputnik:/var/lib/samba# tdbbackup -v winbindd_idmap.tdb
>>> winbindd_idmap.tdb : 521 records
>>>
>>> Is this normal? 140 users on AD (seems correct), but 521 mappings?
>>>
>>> Best regards,
>>>
>>> Bruno Martins
>>>
>>> On Fri, Dec 30, 2011 at 11:57 AM, Lantukh Sergey
>>> <sergey.lantukh at docpath.com> wrote:
>>>> Hello
>>>> I think that you need to clean the Winbind database that contains bridge
>>>> between UID/GID - SID
>>>> And then restart winbind, and he again will fill the database
>>>>
>>>>
>>>> On 30/12/2011 10:44, Bruno Martins wrote:
>>>>> Hello list,
>>>>>
>>>>> I am using Samba + winbind and I have some users that cannot access
>>>>> shares on this server, getting the following error in
>>>>> '/var/log/samba':
>>>>> [2011/12/30 09:33:08.072315, 1]
>>>>> smbd/sesssetup.c:454(reply_spnego_kerberos)
>>>>> Username GALILEU-F\teste is invalid on this system
>>>>>
>>>>> Also, in 'winbind-idmap' log file I am getting this:
>>>>> [2011/12/30 09:32:56.902810, 1]
>>>>> winbindd/idmap_tdb.c:445(idmap_tdb_allocate_id)
>>>>> Fatal Error: UID range full!! (max: 120000)
>>>>>
>>>>> So what happens in reality? Trying to 'getent' that user results in
>>>>> nothing, so no mapping, right?
>>>>> root at sputnik:/var/cache/samba# getent passwd bmartins
>>>>> bmartins:*:100001:100000::/home/GALILEU-F/bmartins:/bin/false
>>>>> root at sputnik:/var/cache/samba# getent passwd teste
>>>>> root at sputnik:/var/cache/samba#
>>>>>
>>>>> However, 'wbinfo' works for that user:
>>>>> root at sputnik:/var/cache/samba# wbinfo -u | grep teste
>>>>> teste
>>>>>
>>>>> My 'smb.conf' returns this, regarding to idmap parameters:
>>>>> root at sputnik:/var/cache/samba# cat /etc/samba/smb.conf | grep idmap
>>>>> # idmap uid = 10000-200000
>>>>> idmap uid = 100000-120000
>>>>> # idmap gid = 300000-400000
>>>>> idmap gid = 100000-120000
>>>>>
>>>>> I have tried lower and higher values, did a reload on winbind service,
>>>>> but nothing seems to help.
>>>>>
>>>>> Could you please help me on this?
>>>>>
>>>>> Best regards,
>>>>>
>>>>> Bruno Martins
>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions: https://lists.samba.org/mailman/options/samba
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list