thr3ads.net - samba - [Samba] samba constantly creating mapping [Feb 2011]

If this information is useful, please help other people find it:
Share via:

Vladimir Vassiliev

2011-Feb-03 10:30 UTC

[Samba] samba constantly creating mapping

Hi all,

I have Samba server joined Active Directory domain based on win2008r2, using
LDAP as idmap backend.
Recently I upgraded from 3.3.x to 3.5.x (Sernet RPMs for Centos4).

Now I constantly observe those messages in log:

[2011/02/03 09:10:25.696896,  0]
winbindd/idmap_ldap.c:1471(idmap_ldap_set_mapping)
   ldap_set_mapping_internals: Failed to add
S-1-5-21-3807515285-1394671770-2144936185-513 to 21066
mapping [gidNumber]
[2011/02/03 09:10:25.696927,  0]
winbindd/idmap_ldap.c:1473(idmap_ldap_set_mapping)
   ldap_set_mapping_internals: Error was:  (Already exists)
[2011/02/03 09:15:16.234228,  0] winbindd/idmap.c:201(smb_register_idmap_alloc)
   idmap_alloc module ldap already registered!
[2011/02/03 09:15:16.234271,  0] winbindd/idmap.c:201(smb_register_idmap_alloc)
   idmap_alloc module tdb already registered!
[2011/02/03 09:15:16.234286,  0] winbindd/idmap.c:149(smb_register_idmap)
   Idmap module passdb already registered!
[2011/02/03 09:15:16.234300,  0] winbindd/idmap.c:149(smb_register_idmap)
   Idmap module nss already registered!

with gidNumber increasing, although samba created mapping for this SID:

dn:
sambaSID=S-1-5-21-3807515285-1394671770-2144936185-513,ou=idmap,dc=corp,dc=<domain>
objectClass: sambaIdmapEntry
objectClass: sambaSidEntry
gidNumber: 20042
sambaSID: S-1-5-21-3807515285-1394671770-2144936185-513
structuralObjectClass: sambaSidEntry

RID 513 is standard "Domain Users" group, but
*S-1-5-21-3807515285-1394671770-2144936185* is not AD
domain:

wbinfo --all-domains
BUILTIN
DLC
CORP

DLC is hostname of Samba server and CORP - AD domain.

wbinfo -D corp
Name              : CORP
Alt_Name          : corp.<domain>
SID               : S-1-5-21-3642537914-689118755-2668763798
Active Directory  : Yes
Native            : Yes
Primary           : Yes

wbinfo -D dlc
Name              : DLC
Alt_Name          :
SID               : *S-1-5-21-3807515285-1394671770-2144936185*
Active Directory  : No
Native            : No
Primary           : No

As I understand I should somehow add entry for this SID in local SAM database
with "net sam".  But
how: with "net sam createlocalgroup" or "net sam
createdomaingroup" or "net sam createbuiltingroup"?
I don't understand SAM well, please advice me how to do this.

Thanks.

-- 
Vladimir Vassiliev

Vladimir Vassiliev

2011-Feb-04 10:56 UTC

head link

[Samba] samba constantly creating mapping

Can someone explain why samba wants to create this mapping even if it already
exists?

03.02.2011 13:30, Vladimir Vassiliev ?????:>
> Hi all,
>
> I have Samba server joined Active Directory domain based on win2008r2,
using LDAP as idmap backend.
> Recently I upgraded from 3.3.x to 3.5.x (Sernet RPMs for Centos4).
>
> Now I constantly observe those messages in log:
>
> [2011/02/03 09:10:25.696896, 0]
winbindd/idmap_ldap.c:1471(idmap_ldap_set_mapping)
> ldap_set_mapping_internals: Failed to add
S-1-5-21-3807515285-1394671770-2144936185-513 to 21066
> mapping [gidNumber]
> [2011/02/03 09:10:25.696927, 0]
winbindd/idmap_ldap.c:1473(idmap_ldap_set_mapping)
> ldap_set_mapping_internals: Error was: (Already exists)
> [2011/02/03 09:15:16.234228, 0]
winbindd/idmap.c:201(smb_register_idmap_alloc)
> idmap_alloc module ldap already registered!
> [2011/02/03 09:15:16.234271, 0]
winbindd/idmap.c:201(smb_register_idmap_alloc)
> idmap_alloc module tdb already registered!
> [2011/02/03 09:15:16.234286, 0] winbindd/idmap.c:149(smb_register_idmap)
> Idmap module passdb already registered!
> [2011/02/03 09:15:16.234300, 0] winbindd/idmap.c:149(smb_register_idmap)
> Idmap module nss already registered!
>
> with gidNumber increasing, although samba created mapping for this SID:
>
> dn:
sambaSID=S-1-5-21-3807515285-1394671770-2144936185-513,ou=idmap,dc=corp,dc=<domain>
> objectClass: sambaIdmapEntry
> objectClass: sambaSidEntry
> gidNumber: 20042
> sambaSID: S-1-5-21-3807515285-1394671770-2144936185-513
> structuralObjectClass: sambaSidEntry
>
> RID 513 is standard "Domain Users" group, but
*S-1-5-21-3807515285-1394671770-2144936185* is not AD
> domain:
>
> wbinfo --all-domains
> BUILTIN
> DLC
> CORP
>
> DLC is hostname of Samba server and CORP - AD domain.
>
> wbinfo -D corp
> Name : CORP
> Alt_Name : corp.<domain>
> SID : S-1-5-21-3642537914-689118755-2668763798
> Active Directory : Yes
> Native : Yes
> Primary : Yes
>
> wbinfo -D dlc
> Name : DLC
> Alt_Name :
> SID : *S-1-5-21-3807515285-1394671770-2144936185*
> Active Directory : No
> Native : No
> Primary : No
>
> As I understand I should somehow add entry for this SID in local SAM
database with "net sam". But
> how: with "net sam createlocalgroup" or "net sam
createdomaingroup" or "net sam createbuiltingroup"?
> I don't understand SAM well, please advice me how to do this.
>
> Thanks.
>

-- 
Vladimir Vassiliev

Reasonably Related Threads

Search for more reasonably related threads

samba - Feb 2011 - samba constantly creating mapping

[Samba] samba constantly creating mapping

[Samba] samba constantly creating mapping

Reasonably Related Threads