[Samba] winbind bug?

Linda W samba at tlinx.org
Wed Mar 26 19:02:06 MDT 2014

Doug Tucker wrote:
> OK, I have isolated it.  And it is related to the unix id number.  
> I've googled and I can't find anything.  Is there a limitation in 
> winbind or bug maybe?  Any unix user with a unix id greater than 11000 
> cannot map their own home directories on windows 7.  To verify it 
> wasn't some anomaly, I took a user that could map their home that had 
> a unix id of 3033.  I then changed the id to 15367 (changed 
> permissions on the unix side to match) and wallah, same issue.  The 
> user could no longer map their home directory.  I have about 2000 or 
> so unix id's that are affected (though many don't map drives).
I don't know what was in place in samba 3, but in 3.6 in the idmap 
functions, they
can specify ranges. 

How do your windows users get mapped to UID's?  .. example
from the smb.conf manpage:

           The following example illustrates how to configure the 
           backend for the CORP domain and the idmap_tdb(8) backend for all
           other domains. This configuration assumes that the admin of CORP
           assigns unix ids below 1000000 via the SFU extensions, and 
           is supposed to use the next million entries for its own mappings
           from trusted domains and for local groups for example.

                    idmap config * : backend = tdb
                    idmap config * : range = 1000000-1999999

                    idmap config CORP : backend  = ad
                    idmap config CORP : range = 1000-999999

So if somewhere there was some range mapping going on, that
could explain the behavior.

I'd up the loglevels on things to 3-4 and see what userid
winbind is mapping them to for requests....See if those
win-users are being mapped to the UID's you think
they are.

More information about the samba mailing list