[Samba] ldap idmap backend

Frank Mori Hess frank.hess at nist.gov
Thu Mar 17 07:27:40 MDT 2011

On Thursday, March 17, 2011, Vladimir Vassiliev wrote:
> Hi all,
> i use Samba 3.5.6 in ads mode (Windows 2008R2) with ldap idmap backend.
> Servers run Centos 4 and 5. I can't cope with next issue for long time.
> On all servers in domain winbind constantly tries to create mapping for
> <SID>-513
> and fails because of already existing entry.
> It just wastes gid range.

I had that problem.  In my case, doing an "ldapsearch -x sambaSID=<SID>-513" 
found two idmap entries (in different ou).  After I deleted one of them with 
ldapdelete, it stopped having that error and stopped trying to create new 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.samba.org/pipermail/samba/attachments/20110317/85d2acf1/attachment.pgp>

More information about the samba mailing list