[Samba] tdb2 idmap script issue
Jonathan Buzzard
jonathan at buzzard.me.uk
Thu Feb 14 06:48:42 MST 2013
On Wed, 2013-02-13 at 16:31 +0000, Orlando Richards wrote:
> Hi folks,
>
> In our happy adventures in ID mapping between windows and Unix, I've
> come across an odd issue with the idmap : script mapping method when
> using tdb2.
>
> Basically - my idmap script behaves like this:
>
> #idmap.sh IDTOSID GID 123456
> SID:S-blah-blah-blah
>
> as one would hope, and as per the requirements in the idmap_tdb2 man
> page. Similarly, it'll return UID:123545 or GID:1234356 in response to
> SIDTOID S-blah-blah-blah
>
> This all works well when calling the script directly, but when running
> it through winbind I was getting:
>
> # wbinfo -G 12345
> Could not convert gid 12345 to sid
>
> despite the fact that this would return fine:
>
> # idmap.sh IDTOSID 12345
> SID:S-blah-blah-blah
>
> However, going the other way would always work fine (SIDTOID).
>
> (To be clear - I was flushing the cache and deleting the relevant
> entries from the tdb's between lookups.)
>
> In a flash of inspiration, I changed the "echo SID:$SID" line in my
> idmap to be "printf SID:$SID" so that it didn't give a newline in the
> response, and, lo and behold, it magically started working fine!
>
> Note that the SIDTOID calls still use "echo GID:$GID", and not printf,
> and work fine.
>
Or you could just add a "-n" to echo to stop it printing the trailing
newline :-)
JAB.
--
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.
More information about the samba
mailing list