[Samba] IDMAP dump and restore for second server.

Michael Adam obnox at samba.org
Wed Mar 21 15:36:02 MDT 2012


Hi,

everything is fine:

You are using the rid backend for your domains (DOMAIN1 and
DOMAIN2). This is a purely algorithmical method for doing
id mappings. These mappings are not stored in databases
but calculated each time (at least when the cache entries
expire).

The default backend "tdb" is only used for anything but
DOMAIN1 and DOMAIN2. Apparently you don't have a third
real domain around, which is why there are so few mappings
in the db and hence in the dump.

Hope this helps.

Cheers - Michael


Johan Hendriks wrote:
> Hello all.
> 
> I use Samba 3.6.3 on FreeBSD in combination with ZFS, and it all works fine.
> I use zfs send to receive my store on a backup machine and i want the users id to be the same as on the master server so to say.
> Keeps my backups easy accessable with samba!
> 
> Now i know i can dump the IDMAP database using the following: net idmap dump.
> 
> I expect a whole bunch of lines,but i get the following, we around  70 users
> 
> filer01 ~ # net idmap dump
> dumping id mapping from /var/db/samba/winbindd_idmap.tdb
> GID 150004 S-1-5-11
> GID 150005 S-1-5-32-546
> USER HWM 150000
> GID 150002 S-1-1-0
> GID 150003 S-1-5-2
> GROUP HWM 150006
> filer01 ~ #
> 
> Also a tdbdump /var/db/samba/winbind_idmap.tdb gives me a small amount of Lines.
> 
> tdbdump /var/db/samba/winbindd_idmap.tdb
> {
> key(11) = "GID 150002\00"
> data(8) = "S-1-1-0\00"
> }
> {
> key(9) = "S-1-5-11\00"
> data(11) = "GID 150004\00"
> }
> {
> key(13) = "S-1-5-32-546\00"
> data(11) = "GID 150005\00"
> }
> {
> key(11) = "GID 150005\00"
> data(13) = "S-1-5-32-546\00"
> }
> {
> key(11) = "GID 150003\00"
> data(8) = "S-1-5-2\00"
> }
> {
> key(9) = "USER HWM\00"
> data(4) = "\F0I\02\00"
> }
> {
> key(8) = "S-1-1-0\00"
> data(11) = "GID 150002\00"
> }
> {
> key(11) = "GID 150004\00"
> data(9) = "S-1-5-11\00"
> }
> {
> key(8) = "S-1-5-2\00"
> data(11) = "GID 150003\00"
> }
> {
> key(10) = "GROUP HWM\00"
> data(4) = "\F6I\02\00"
> }
> {
> key(14) = "IDMAP_VERSION\00"
> data(4) = "\02\00\00\00"
> }
> 
> wbinfo -u and wbinfo -g as id username all works fine.
> 
> The relevant config part (as far as i know)
> 
> template homedir = /sanstorage/sambashare/home/%U
> winbind use default domain = yes
> winbind cache time = 3600
> winbind nested groups = yes
> winbind separator = |
> winbind offline logon = yes
> winbind enum users = yes
> winbind enum groups = yes
> winbind refresh tickets = yes
> allow trusted domains = yes
> 
> idmap config * : backend = tdb
> idmap config * : range = 10000-80000
> 
> idmap config DOMAIN1 : backend = rid
> idmap config DOMAIN1 : base_rid = 500
> idmap config DOMAIN1 : range = 10000 - 29999
> 
> idmap config DOMAIN2 : backend = rid
> idmap config DOMAIN2 : base_rid = 500
> idmap config DOMAIN2 : range = 30000 - 49999
> 
> Is there a problem , or am i missing something.
> I have been googling a lot, but could not find something related.
> 
> Thanks for your time
> 
> Regards
> Johan Hendriks
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba/attachments/20120321/09d3d099/attachment.pgp>


More information about the samba mailing list