[Samba] samba4 DC, internal winbind_server: external idmap problem
Andy Igoshin
ai at vsu.ru
Sat Dec 7 06:57:37 MST 2013
Hi!
i run samba 4.1.2 in DC mode. win7 client joined to this domain
successfully.
now i try to configure external idmap.
i would like it to use our existing ldap server:
idmap config DOM : backend = rfc2307
idmap config DOM : range = 1110000-1119999
idmap config DOM : ldap_server = stand-alone
idmap config DOM : ldap_url = ldap://ldap.domain.ru
idmap config DOM : ldap_user_dn = uid=ldapmaster,cn=ldap.domain.ru
idmap config DOM : bind_path_user = cn=dom.domain.ru
idmap config DOM : bind_path_group = cn=dom.domain.ru
idmap config DOM : cache time = 1800
winbind nss info = rfc2307
i created a user 'test2' in samba DC.
in ldap.domain.ru there is the user uid=test2,cn=dom.domain.ru with
such attributes:
uidNumber = 1113535
gidNumber = 1113535
objectSid = S-1-5-21-1982177496-2241683161-2840224108-1106 (i got it
from samba DC)
when i run wbinfo to get user's info i expect it to go to
ldap.domain.ru. but it does not happen. it looks like wbinfo
returns values from internal automatic idmap.
# wbinfo -S S-1-5-21-1982177496-2241683161-2840224108-1106
3000019
# wbinfo -U 1113535
S-1-22-1-1113535
do i misunderstand something?
is it possible to use idmap in such mode?
Regards,
--
Andy Igoshin <ai at vsu.ru> Voronezh State University
sip: ai at vsu.ru Network Operation Center
phone: +7 473 2281160, ext. 2020 Voronezh, Russia
More information about the samba
mailing list