[Samba] winbind bug?
Linda W
samba at tlinx.org
Wed Mar 26 19:02:06 MDT 2014
Doug Tucker wrote:
> OK, I have isolated it. And it is related to the unix id number.
> I've googled and I can't find anything. Is there a limitation in
> winbind or bug maybe? Any unix user with a unix id greater than 11000
> cannot map their own home directories on windows 7. To verify it
> wasn't some anomaly, I took a user that could map their home that had
> a unix id of 3033. I then changed the id to 15367 (changed
> permissions on the unix side to match) and wallah, same issue. The
> user could no longer map their home directory. I have about 2000 or
> so unix id's that are affected (though many don't map drives).
----
I don't know what was in place in samba 3, but in 3.6 in the idmap
functions, they
can specify ranges.
How do your windows users get mapped to UID's? .. example
from the smb.conf manpage:
The following example illustrates how to configure the
idmap_ad(8)
backend for the CORP domain and the idmap_tdb(8) backend for all
other domains. This configuration assumes that the admin of CORP
assigns unix ids below 1000000 via the SFU extensions, and
winbind
is supposed to use the next million entries for its own mappings
from trusted domains and for local groups for example.
idmap config * : backend = tdb
idmap config * : range = 1000000-1999999
idmap config CORP : backend = ad
idmap config CORP : range = 1000-999999
So if somewhere there was some range mapping going on, that
could explain the behavior.
I'd up the loglevels on things to 3-4 and see what userid
winbind is mapping them to for requests....See if those
win-users are being mapped to the UID's you think
they are.
More information about the samba
mailing list