[Samba] winbind user mapping problem
Bruno Martins
bmomartins at gmail.com
Fri Dec 30 06:39:38 MST 2011
I'm using 3.5.6.
On Fri, Dec 30, 2011 at 12:35 PM, Lantukh Sergey
<sergey.lantukh at docpath.com> wrote:
> Good for you!
>
> I can not say it is logical or not.
>
> Maybe in another version works differently...
> Which version are you using?
>
>
> On 30/12/2011 13:24, Bruno Martins wrote:
>>
>> It solved my problem! Now, new users get allocated right. But why did
>> this happen?
>>
>> By the way, is it normal that previously mapped users keep with the
>> old UID, and newly mapped ones get the UID in the now defined UID
>> range?
>>
>> Best regards,
>>
>> Bruno Martins
>>
>> On Fri, Dec 30, 2011 at 12:14 PM, Lantukh Sergey
>> <sergey.lantukh at docpath.com> wrote:
>>>
>>> The database is here (in Linux/Debian):
>>> /var/lib/samba/winbindd_idmap.tdb
>>> try to just delete (move/rename) it and then restart winbind.
>>> But do not forget about BACKUP!
>>>
>>> I had this problem and this solution helped me
>>>
>>> In AD there are not only users but also as a special accounts like krbtgt
>>> and groups and more...
>>>
>>>
>>> On 30/12/2011 13:00, Bruno Martins wrote:
>>>>
>>>> Hello mate,
>>>>
>>>> Thanks for your answer. How can I do that?
>>>>
>>>> I've noticed this:
>>>> root at sputnik:/var/lib/samba# wbinfo -u | wc -l
>>>> 140
>>>>
>>>> root at sputnik:/var/lib/samba# tdbbackup -v winbindd_idmap.tdb
>>>> winbindd_idmap.tdb : 521 records
>>>>
>>>> Is this normal? 140 users on AD (seems correct), but 521 mappings?
>>>>
>>>> Best regards,
>>>>
>>>> Bruno Martins
>>>>
>>>> On Fri, Dec 30, 2011 at 11:57 AM, Lantukh Sergey
>>>> <sergey.lantukh at docpath.com> wrote:
>>>>>
>>>>> Hello
>>>>> I think that you need to clean the Winbind database that contains
>>>>> bridge
>>>>> between UID/GID - SID
>>>>> And then restart winbind, and he again will fill the database
>>>>>
>>>>>
>>>>> On 30/12/2011 10:44, Bruno Martins wrote:
>>>>>>
>>>>>> Hello list,
>>>>>>
>>>>>> I am using Samba + winbind and I have some users that cannot access
>>>>>> shares on this server, getting the following error in
>>>>>> '/var/log/samba':
>>>>>> [2011/12/30 09:33:08.072315, 1]
>>>>>> smbd/sesssetup.c:454(reply_spnego_kerberos)
>>>>>> Username GALILEU-F\teste is invalid on this system
>>>>>>
>>>>>> Also, in 'winbind-idmap' log file I am getting this:
>>>>>> [2011/12/30 09:32:56.902810, 1]
>>>>>> winbindd/idmap_tdb.c:445(idmap_tdb_allocate_id)
>>>>>> Fatal Error: UID range full!! (max: 120000)
>>>>>>
>>>>>> So what happens in reality? Trying to 'getent' that user results in
>>>>>> nothing, so no mapping, right?
>>>>>> root at sputnik:/var/cache/samba# getent passwd bmartins
>>>>>> bmartins:*:100001:100000::/home/GALILEU-F/bmartins:/bin/false
>>>>>> root at sputnik:/var/cache/samba# getent passwd teste
>>>>>> root at sputnik:/var/cache/samba#
>>>>>>
>>>>>> However, 'wbinfo' works for that user:
>>>>>> root at sputnik:/var/cache/samba# wbinfo -u | grep teste
>>>>>> teste
>>>>>>
>>>>>> My 'smb.conf' returns this, regarding to idmap parameters:
>>>>>> root at sputnik:/var/cache/samba# cat /etc/samba/smb.conf | grep idmap
>>>>>> # idmap uid = 10000-200000
>>>>>> idmap uid = 100000-120000
>>>>>> # idmap gid = 300000-400000
>>>>>> idmap gid = 100000-120000
>>>>>>
>>>>>> I have tried lower and higher values, did a reload on winbind service,
>>>>>> but nothing seems to help.
>>>>>>
>>>>>> Could you please help me on this?
>>>>>>
>>>>>> Best regards,
>>>>>>
>>>>>> Bruno Martins
>>>>>
>>>>>
>>>>> --
>>>>> To unsubscribe from this list go to the following URL and read the
>>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list