[Samba] ldap idmap backend

Vladimir Vassiliev vova at edu.yar.ru
Thu Mar 17 07:02:29 MDT 2011


Hi all,

i use Samba 3.5.6 in ads mode (Windows 2008R2) with ldap idmap backend. Servers run Centos 4 and 5.
I can't cope with next issue for long time.

On all servers in domain winbind constantly tries to create mapping for
<SID>-513
and fails because of already existing entry.
It just wastes gid range.

Note that <SID> is not SID of main domain but another which name equal to hostname. For example on 
host FMS in domain CORP I have:

wbinfo --all-domains
BUILTIN
FMS
CORP

wbinfo -D FMS
Name              : FMS
Alt_Name          :
SID               : S-1-5-21-3830529182-610880034-2098875520
Active Directory  : No
Native            : No
Primary           : No

Here is log:
[2011/03/17 15:37:28.387459,  0] winbindd/idmap_ldap.c:1471(idmap_ldap_set_mapping) 

   ldap_set_mapping_internals: Failed to add S-1-5-21-3830529182-610880034-2098875520-513 to 20067 
mapping [gidNumber]
[2011/03/17 15:37:28.387538,  0] winbindd/idmap_ldap.c:1473(idmap_ldap_set_mapping) 

   ldap_set_mapping_internals: Error was:  (Already exists)

Can someone experienced in Samba comment how to deal with this issue?
Thanks.

-- 
Vladimir Vassiliev


More information about the samba mailing list