[Samba] idmap problems after update from 3.0.33 to 3.6.6

Jonathan Buzzard jonathan at buzzard.me.uk
Wed Oct 23 06:48:08 MDT 2013

On Wed, 2013-10-23 at 14:27 +0200, Thomas Attenberger wrote:
> I tried that already (changed the "+" to a "/"), no changes...
> Some more strange things:
> getent passwd (the output lists all Domain Users, but the new-user is not
> included)
> getent group (lists only local unix groups)

Bear in mind that when a new user is created in AD the rfc2307
attributes are not populated. You have to do that manually.

I note that you have conflicting entries in your smb.conf as well for

    winbind nss info = rfc2307
    template shell  = /bin/bash

The first line says get NSS info from the AD, but the second line is
attempting to use a template shell.


    idmap config ATRON:backend = tdb
    idmap config ATRON:schema_mode = rfc2307

The schema_mode option is not valid with the tdb backend... My guess is
winbind will get confused at the least.


Jonathan A. Buzzard                 Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.

More information about the samba mailing list