[Samba] idmap ldap problems
Alexander 'Leo' Bergolth
leo at strike.wu.ac.at
Sun Mar 2 10:19:03 MST 2014
Since upgrade to Samba 3.6.9, I am experiencing problems concerning
I am using an LDAP directory with RFC 2307 accounts and sambaSamAccount
sambaSID entries for each local domain user. SIDs for other domains
should be stored in sambaIdmapEntry objects in a separate LDAP tree.
The problem is that winbind doesn't seem to map SIDs from the local
domain to unix IDs. smbd initially work fine but after some time, Idmap
entries for my local domain groups are allocated, which results in
duplicate mappings. (I.e. a local domain group now has a sambaSID to
RFC-2307 gidNumber mapping and the newly allocated mapping in the
Do you have any hints how the existing local domain mappings can be
configured with the new idmap syntax? Should I use idmap_nss for the
local domain instead of idmap_ldap?
My config can be found at
Thanks in advance,
P.S.: I am using samba-3.6.9-167.el6_5.x86_64 on RHEL 6.5.
e-mail ::: Leo.Bergolth (at) wu.ac.at
fax ::: +43-1-31336-906050
location ::: IT-Services | Vienna University of Economics | Austria
More information about the samba