[Samba] tdb2 idmap script issue

Jonathan Buzzard jonathan at buzzard.me.uk
Thu Feb 14 06:48:42 MST 2013


On Wed, 2013-02-13 at 16:31 +0000, Orlando Richards wrote:
> Hi folks,
> 
> In our happy adventures in ID mapping between windows and Unix, I've 
> come across an odd issue with the idmap : script mapping method when 
> using tdb2.
> 
> Basically - my idmap script behaves like this:
> 
> #idmap.sh IDTOSID GID 123456
> SID:S-blah-blah-blah
> 
> as one would hope, and as per the requirements in the idmap_tdb2 man 
> page. Similarly, it'll return UID:123545 or GID:1234356 in response to 
> SIDTOID S-blah-blah-blah
> 
> This all works well when calling the script directly, but when running 
> it through winbind I was getting:
> 
> # wbinfo -G 12345
> Could not convert gid 12345 to sid
> 
> despite the fact that this would return fine:
> 
> # idmap.sh IDTOSID 12345
> SID:S-blah-blah-blah
> 
> However, going the other way would always work fine (SIDTOID).
> 
> (To be clear - I was flushing the cache and deleting the relevant 
> entries from the tdb's between lookups.)
> 
> In a flash of inspiration, I changed the "echo SID:$SID" line in my 
> idmap to be "printf SID:$SID" so that it didn't give a newline in the 
> response, and, lo and behold, it magically started working fine!
> 
> Note that the SIDTOID calls still use "echo GID:$GID", and not printf, 
> and work fine.
> 

Or you could just add a "-n" to echo to stop it printing the trailing
newline :-)

JAB.

-- 
Jonathan A. Buzzard                 Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.



More information about the samba mailing list