samba - Apr 2005 - idmap_rid: could not convert sid to uid

Hello,

I am trying (again) to get samba+winbind working, with the idmap_rid
backend. I am using a freshly installed samba server and client machine,
with samba-3.0.13. Most things seem to work, but when I try to get
the uid's for the samba users, I run into problems.

  # net rpc join
  Password: ********
  Joined domain IUATST4W.
  # net rpc testjoin
  Join to 'IUATST4W' is OK
  # wbinfo -u
  root
  tst4usr1
  # wbinfo -n tst4usr1
  S-1-5-21-673783806-3852186271-4218622188-3116 User (1)
  # wbinfo -S S-1-5-21-673783806-3852186271-4218622188-3116
  Could not convert sid S-1-5-21-673783806-3852186271-4218622188-3116 to uid

and obviously, a
  # getent passwd tst4usr1
does not work either, and my log.winbindd says:

[2005/04/07 14:48:55, 10] sam/idmap_util.c:idmap_sid_to_uid(150)
  idmap_sid_to_uid: sid = [S-1-5-21-673783806-3852186271-4218622188-3116]
[2005/04/07 14:48:55, 1] nsswitch/winbindd_user.c:winbindd_fill_pwent(50)
  error getting user id for sid S-1-5-21-673783806-3852186271-4218622188-3116

I configured samba with
                --with-static-modules=idmap_rid \
                --with-shared-modules=idmap_rid \

(I suppose only one of those would be enough)

Any suggestions/help would be much appreciated. If you want I can provide more
detailed logs.

maarten

-------------- PDC smb.conf ----------------
[global]
   netbios name = TESTPDC
   workgroup = IUATST4W
   os level = 33
   passdb backend = tdbsam
   preferred master = yes
   domain master = yes
   local master = yes
   security = user
   domain logons = yes
   logon path = \\%N\profiles\%U
   logon drive = H:
   logon home = \\homeserver\%U\winprofile
   logon script = logon.cmd
   server string = %h server (Samba %v)
   log file = /var/log/samba/log.%m
   max log size = 1000
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   log level = 10

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   guest ok = yes
   read only = yes

[profiles]
        path = /var/lib/samba/profiles
        read only = no
        create mask = 0600
        directory mask = 0700

-----------------------------------------------------

------------- client smb.conf ----------------

[global]
workgroup = IUATST4W
netbios name = TESTCLIENT
security = domain
password server = TESTPDC
allow trusted domains = No
idmap backend = idmap_rid:IUATST4W=500-10000000
idmap uid = 500-10000000
idmap gid = 500-10000000
template primary group = "Domain Users"
template shell = /bin/bash
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind use default domain = Yes
winbind enum users = no
winbind enum groups = no
winbind nested groups = yes
log level = 10
[testshare]
comment = Project directory
path = /mnt/testshare
read only = no
nt acl support = yes
unix extensions = yes

-----------------------------------------------------

I just found the problem, I had both idmap uid/gid and winbind uid/gid
specified,
and with ranges that caused problems.
> idmap uid = 500-10000000
> idmap gid = 500-10000000
> winbind uid = 10000-20000
> winbind gid = 10000-20000
I changed it to

idmap backend = idmap_rid:IUATST4W=30000-40000
idmap uid = 30000-40000
idmap gid = 30000-40000

and it works perfectly.

maarten