[Samba] Samba 3.6.6 member on a Samba 4 domain controller

[thierry DeTheGeek]

Hi

I'm having troubles to make a samba 3.6.6 member server on a Samba 4 domain.

I successfully joined the domain.
I'm able to list users and groups on the domain from the member server with
wbinfo -u and wbinfo -g .

If I try wbinfo -i foo , I get an error :

Failed to call wbcgetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
could not get info for user foo

After running winbindd in debug mode with winbindd -F -S -d 10 I noticed
the following :

winbindd_getpwnam: My domain -- rejecting getpwnam() for DOMAIN\foo.
could not convert SID-0-0: NT_STATUS_NO_SUCH_USER

My user foo actually exists in the domain.

I'm trying to use idmap_ad as a backend. Here is the relevant part of
smb.conf :

idmap config *: backend = tdb
idmap config *: range = 3000-8999
;idmap config *:readonly = no
idmap config DOMAIN:backend = ad
idmap config DOMAIN:range = 9000-30000
idmap config DOMAIN:schema_mode = rfc2307
;idmap config DOMAIN:readonly = yes
idmap config DOMAIN:default = yes
winbind nss info = rfc2307
template shell = /bin/bash
winbind cache time = 5
winbind use default domain = Yes
winbind trusted domains only = Yes
winbind nested groups = Yes
client ntlmv2 auth = yes
client use spnego = yes

My domain member server must use Samba 3.6.6, provided in my distribution.

What can I try to solve my issue ?