Ian Clancy
2005-May-04 23:22 UTC
[Samba] The 'nobody' account (mapping not found for gidNumber: 99)
Hi, I am using a samba domain controller with an LDAP backend. I am also using samba domain controllers with this setup similar to those described in the 'Domain Members, Updating Samba and Migration' chapter of the Samba By Example book. On the domain member servers winbind stores the UID<->SID in the Idmap section of the directory. This appears to be working correctly, however i think there is a problem with the nobody account that is present on the local system (in /etc/passwd) and the nobody account in the Directory (as created by smbldap-populate). I see the following entry reported in log.winbindd> [2005/05/05 00:18:25, 0] sam/idmap_ldap.c:ldap_get_sid_from_id(525) > ldap_get_sid_from_id: mapping not found for gidNumber: 99I understand the winbind does not like the fact that there are two nobody accounts on the system. Does anybody know a workaround for this problem ?. I don't think it is a good idean to delete either of the acounts. Any idea's, comments welcome ? Thanks -- Ian Clancy IT Systems Engineer Connaught Electronics Ltd. Dunmore Rd, Tuam, Co. Galway, Ireland. E : mailto:clancyian@cel.ie W : http://www.cel-europe.com
Ian Clancy
2005-May-05 20:01 UTC
[Samba] The 'nobody' account (mapping not found for gidNumber: 99) - Solution!
Ian Clancy wrote:> Hi, > I am using a samba domain controller with an LDAP backend. I am also > using samba domain controllers with this setup similar to those > described in the 'Domain Members, Updating Samba and Migration' > chapter of the Samba By Example book. > On the domain member servers winbind stores the UID<->SID in the Idmap > section of the directory. This appears to be working correctly, > however i think there is a problem with the nobody account that is > present on the local system (in /etc/passwd) and the nobody account in > the Directory (as created by smbldap-populate). I see the following > entry reported in log.winbindd > >> [2005/05/05 00:18:25, 0] sam/idmap_ldap.c:ldap_get_sid_from_id(525) >> ldap_get_sid_from_id: mapping not found for gidNumber: 99 > > > > I understand the winbind does not like the fact that there are two > nobody accounts on the system. Does anybody know a workaround for this > problem ?. I don't think it is a good idean to delete either of the > acounts. > Any idea's, comments welcome ? > Thanks >Hi again, Don't want to get into a habit of replying to my own emails but for the sake of closure i've found the solution to this little problem. Turns out you need to add the following line to smb.conf : username map = /etc/samba/smbusers The contents of the smbuser file : nobody = guest pcguest smbguest Maybe this will be of some use to somebody googling for an answer in the future. Ian -- Ian Clancy IT Systems Engineer Connaught Electronics Ltd. Dunmore Rd, Tuam, Co. Galway, Ireland. P : ++353 93 23151 F : ++353 93 23110 E : mailto:clancyian@cel.ie W : http://www.cel-europe.com