tom.regan@dpi.nsw.gov.au
2005-Jul-19 02:08 UTC
[Samba] Duplicate entries in winbindd_idmap.tdb
G'day Folks,
We are having problems with numerous duplicate entries in
winbindd_idmap.tdb
resulting in the available userid range set in smb.conf being quickly and
repeatedly exhausted.
The duplicate entries all appear to have a WBA_PASSWD key, e.g
{
key = "WBA_PASSWD/UID/9945\00"
data = "nexxxo01\00"
}
{
key = "WBA_PASSWD/UID/9720\00"
data = "nexxxo01\00"
}
etc...
Users are being authenticated against a Windows 2003 DC via winbind, with
smb.conf config being:
[global]
workgroup = XXXRES
security = DOMAIN
password server = aserver.adomain
log level = 1
ldap ssl = no
winbind uid = 1000-10000
winbind gid = 500-2000
winbind separator = +
winbind use default domain = Yes
winbind enum users = yes
winbind enum groups = yes
and nsswitch.conf entries:
passwd: files winbind
group: files winbind
getent passwd nexxxo01returns a single entry for this user:
nexxxo01:x:1694:1079::/data1/XXXRES/nexxxo01:/bin/bash
There are only two entries in winbindd_idmap.tdb for uid 1694:
{
key = "UID 1694\00"
data = "S-1-5-21-621575563-1972833152-631647523-5009\00"
}
{
key = "S-1-5-21-621575563-1972833152-631647523-5009\00"
data = "UID 1694\00"
}
Has anyone else experienced this problem and found the cause?
(OS is Solaris 9, Samba 3.0.10 (will be upgrading to 3.0.14 shortly)
My apologies if this is an RTFM - a pointer to any documenation would also
be welcome.
MTIA,
Tom
--
Tom Regan, Host Integration Manager
NSW Department of Primary Industries
Orange NSW Australia
Email:Tom.Regan@dpi.nsw.gov.au
Phone: 61 0263 913268
Fax: 61 0263 913290
This message is intended for the addressee named and may contain
confidential information. If you are not the intended recipient or
received it in error, please delete the message and notify sender. Views
expressed are those of the individual sender and are not necessarily the
views of their organisation.
Gerald (Jerry) Carter
2005-Jul-30 04:57 UTC
[Samba] Duplicate entries in winbindd_idmap.tdb
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 tom.regan@dpi.nsw.gov.au wrote: | We are having problems with numerous duplicate entries in | winbindd_idmap.tdb resulting in the available userid | range set in smb.conf being quickly and repeatedly exhausted. | The duplicate entries all appear to have a WBA_PASSWD key, e.g Set 'winbind enable local accounts = no' in smbn.conf. This parameter and the associated functionality has been removed in the upcoming 3.0.20 release. cheers, jerry ====================================================================Alleviating the pain of Windows(tm) ------- http://www.samba.org GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc "I never saved anything for the swim back." Ethan Hawk in Gattaca -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC6qpyIR7qMdg1EfYRAsk8AJ9P3KGZqLfBsnX/XJ/eri4rkT0bTgCgyUr9 gCte+hJ1kkVXrs91MiW1sw0=ZcQt -----END PGP SIGNATURE-----