[Samba] samba constantly creating mapping

Vladimir Vassiliev vova at edu.yar.ru
Thu Feb 3 03:30:49 MST 2011 

Hi all,

I have Samba server joined Active Directory domain based on win2008r2, using LDAP as idmap backend.
Recently I upgraded from 3.3.x to 3.5.x (Sernet RPMs for Centos4).

Now I constantly observe those messages in log:

[2011/02/03 09:10:25.696896,  0] winbindd/idmap_ldap.c:1471(idmap_ldap_set_mapping)
   ldap_set_mapping_internals: Failed to add S-1-5-21-3807515285-1394671770-2144936185-513 to 21066 
mapping [gidNumber]
[2011/02/03 09:10:25.696927,  0] winbindd/idmap_ldap.c:1473(idmap_ldap_set_mapping)
   ldap_set_mapping_internals: Error was:  (Already exists)
[2011/02/03 09:15:16.234228,  0] winbindd/idmap.c:201(smb_register_idmap_alloc)
   idmap_alloc module ldap already registered!
[2011/02/03 09:15:16.234271,  0] winbindd/idmap.c:201(smb_register_idmap_alloc)
   idmap_alloc module tdb already registered!
[2011/02/03 09:15:16.234286,  0] winbindd/idmap.c:149(smb_register_idmap)
   Idmap module passdb already registered!
[2011/02/03 09:15:16.234300,  0] winbindd/idmap.c:149(smb_register_idmap)
   Idmap module nss already registered!

with gidNumber increasing, although samba created mapping for this SID:

dn: sambaSID=S-1-5-21-3807515285-1394671770-2144936185-513,ou=idmap,dc=corp,dc=<domain>
objectClass: sambaIdmapEntry
objectClass: sambaSidEntry
gidNumber: 20042
sambaSID: S-1-5-21-3807515285-1394671770-2144936185-513
structuralObjectClass: sambaSidEntry

RID 513 is standard "Domain Users" group, but *S-1-5-21-3807515285-1394671770-2144936185* is not AD 
domain:

wbinfo --all-domains
BUILTIN
DLC
CORP

DLC is hostname of Samba server and CORP - AD domain.

wbinfo -D corp
Name              : CORP
Alt_Name          : corp.<domain>
SID               : S-1-5-21-3642537914-689118755-2668763798
Active Directory  : Yes
Native            : Yes
Primary           : Yes

wbinfo -D dlc
Name              : DLC
Alt_Name          :
SID               : *S-1-5-21-3807515285-1394671770-2144936185*
Active Directory  : No
Native            : No
Primary           : No

As I understand I should somehow add entry for this SID in local SAM database with "net sam".  But 
how: with "net sam createlocalgroup" or "net sam createdomaingroup" or "net sam createbuiltingroup"?
I don't understand SAM well, please advice me how to do this.

Thanks.

-- 
Vladimir Vassiliev

More information about the samba mailing list