[Samba] idmap ldap problems
Alexander 'Leo' Bergolth
leo at strike.wu.ac.at
Sun Mar 2 10:19:03 MST 2014
Hi!
Since upgrade to Samba 3.6.9, I am experiencing problems concerning
winbind idmapping.
I am using an LDAP directory with RFC 2307 accounts and sambaSamAccount
sambaSID entries for each local domain user. SIDs for other domains
should be stored in sambaIdmapEntry objects in a separate LDAP tree.
The problem is that winbind doesn't seem to map SIDs from the local
domain to unix IDs. smbd initially work fine but after some time, Idmap
entries for my local domain groups are allocated, which results in
duplicate mappings. (I.e. a local domain group now has a sambaSID to
RFC-2307 gidNumber mapping and the newly allocated mapping in the
sambaIdmapEntry object.)
Do you have any hints how the existing local domain mappings can be
configured with the new idmap syntax? Should I use idmap_nss for the
local domain instead of idmap_ldap?
My config can be found at
http://leo.kloburg.at/tmp/smb-idmap/
Thanks in advance,
--leo
P.S.: I am using samba-3.6.9-167.el6_5.x86_64 on RHEL 6.5.
--
e-mail ::: Leo.Bergolth (at) wu.ac.at
fax ::: +43-1-31336-906050
location ::: IT-Services | Vienna University of Economics | Austria
More information about the samba
mailing list