[Samba] Clarification on the appropriate idmap settings for a standalone server

Andrew Walker walker.aj325 at gmail.com
Sat Nov 15 09:27:09 MST 2014

I am trying to increase my understanding of samba. I am running a FreeBSD
server with Samba 4.1.12 configured as a standalone server in a testing

The documentation here indicates that winbind / the idmap facility is of
little or no use on a standalone server:

Is this still the case in Samba4?

My curiosity was piqued because I keep getting the following error message
"winbindd: sam_rids_to_names: possible deadlock - trying to lookup SID

My server has the following parameters in [global] in the smb.conf (which
was default for the appliance):

    server max protocol = SMB2_24
    encrypt passwords = yes
    dns proxy = no
    strict locking = no
    oplocks = yes
    deadtime = 15
    max log size = 51200
    max open files = 11070
    load printers = no
    printing = bsd
    printcap name = /dev/null
    disable spoolss = yes
    getwd cache = yes
    guest account = nobody
    map to guest = Bad User
    obey pam restrictions = Yes
    directory name cache size = 0
    kernel change notify = no
    panic action = /usr/local/libexec/samba/samba-backtrace
    server string = Samba Server
    unix extensions = no
    acl allow execute always = true
    local master = yes
    idmap config *:backend = tdb
    idmap config *:range = 90000000-100000000
    server role = standalone
    netbios name = C_GRINDER
    workgroup = WORKGROUP
    security = user
    pid directory = /var/run/samba
    smb passwd file = /var/etc/private/smbpasswd
    private dir = /var/etc/private
    create mask = 0666
    directory mask = 0777
    client ntlmv2 auth = yes
    dos charset = CP437
    unix charset = UTF-8
    log level = 1

More information about the samba mailing list