Hello all... Im trying to fix a idmap setup with winbind where the idmaps are stored in openldap. We have had this system working before, but it managed to break :-) All systems running Samba (3.0.13 on FC2) Problem: group id's and uid's (specificly uid's) are inconsistent between clients (our two test clients). Both machines are using idmap backend to talk to our ldap server and retrieve idmaps. Again: this *has* worked in the past. example: server... [username@wbserver root]$ id uid=10222(username) gid=10001(domain users) groups=10001(domain users) client #1 .... [username@wbclient log]$ id uid=10222(username) gid=10001(domain users) groups=10001(domain users) client #2 ... [username@wbclient2 home]$ id uid=14046(wbtester) gid=10000(domain users) groups=10000(domain users) HowTO??? This seems like a cache consistency problem between the systems so can anybody give me a good idea of how to troubleshoot this? Ive tried greping the tdb files looking for clues and using tdbtool but I dont think im getting myself anywhere. All suggestions appreciated. -matt
Gerald (Jerry) Carter
2005-Apr-25 13:21 UTC
[Samba] winbind + ldap uid/gid consistency woes.
Matt Sellers wrote:> Hello all... > > Im trying to fix a idmap setup with winbind where the idmaps are > stored in openldap. We have had this system working before, but it > managed to break :-) All systems running Samba (3.0.13 on FC2) >...> This seems like a cache consistency problem between the systems so can > anybody give me a good idea of how to troubleshoot this? Ive tried > greping the tdb files looking for clues and using tdbtool but I dont > think im getting myself anywhere. All suggestions appreciated.when using 'idmap backend = ldap', winbindd_idmap.tdb should be a permanent cache file only. You should be able to remove those and winbindd will repopulate it from the directory server. cheers, jerry ====================================================================Alleviating the pain of Windows(tm) ------- http://www.samba.org GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc "I never saved anything for the swim back." Ethan Hawk in Gattaca -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 256 bytes Desc: OpenPGP digital signature Url : http://lists.samba.org/archive/samba/attachments/20050425/81cd7986/signature.bin