[Samba] Error in Configuring CTDB, Winbind and AD
Christian M Ambach
christian.ambach at de.ibm.com
Wed May 11 05:41:10 MDT 2011
Harshavardhana wrote on 05/10/2011 09:57:06 PM:
> [2011/05/10 15:40:54.147924, 1]
> winbindd/idmap_ad.c:651(idmap_ad_sids_to_unixids)
> Could not get unix ID
> [2011/05/10 15:54:41.509152, 1]
> winbindd/idmap_ad.c:651(idmap_ad_sids_to_unixids)
> Could not get unix ID
> idmap config WINHPC : backend = ad
> idmap config WINHPC : readonly = yes
> idmap config WINHPC : schema_mode = rfc2307
> idmap config WINHPC : range = 1000-4000000000
> idmap uid = 1000-4000000000
> idmap gid = 1000-4000000000
This indicates that you have invalid values in your SFU
attributes in AD.
If a user wants to connect with the ad backend in place, the user
must have a uid and the Windows primary group also needs to have a gid
defined in the UNIX Attributes tab.
Besides that, you should not use overlapping ranges for idmap uid and the
domain specific range.
For WINHPC, you should limit the range to the numbers that you are planning
to use in AD and then use another disjunct range for idmap uid.
e.g.
idmap config WINHPC : range = 1000-40000
idmap uid = 50000-4000000000
idmap gid = 50000-4000000000
Regards,
Christian
More information about the samba
mailing list