tom.regan@dpi.nsw.gov.au
2005-Jul-19 02:08 UTC
[Samba] Duplicate entries in winbindd_idmap.tdb
G'day Folks, We are having problems with numerous duplicate entries in winbindd_idmap.tdb resulting in the available userid range set in smb.conf being quickly and repeatedly exhausted. The duplicate entries all appear to have a WBA_PASSWD key, e.g { key = "WBA_PASSWD/UID/9945\00" data = "nexxxo01\00" } { key = "WBA_PASSWD/UID/9720\00" data = "nexxxo01\00" } etc... Users are being authenticated against a Windows 2003 DC via winbind, with smb.conf config being: [global] workgroup = XXXRES security = DOMAIN password server = aserver.adomain log level = 1 ldap ssl = no winbind uid = 1000-10000 winbind gid = 500-2000 winbind separator = + winbind use default domain = Yes winbind enum users = yes winbind enum groups = yes and nsswitch.conf entries: passwd: files winbind group: files winbind getent passwd nexxxo01returns a single entry for this user: nexxxo01:x:1694:1079::/data1/XXXRES/nexxxo01:/bin/bash There are only two entries in winbindd_idmap.tdb for uid 1694: { key = "UID 1694\00" data = "S-1-5-21-621575563-1972833152-631647523-5009\00" } { key = "S-1-5-21-621575563-1972833152-631647523-5009\00" data = "UID 1694\00" } Has anyone else experienced this problem and found the cause? (OS is Solaris 9, Samba 3.0.10 (will be upgrading to 3.0.14 shortly) My apologies if this is an RTFM - a pointer to any documenation would also be welcome. MTIA, Tom -- Tom Regan, Host Integration Manager NSW Department of Primary Industries Orange NSW Australia Email:Tom.Regan@dpi.nsw.gov.au Phone: 61 0263 913268 Fax: 61 0263 913290 This message is intended for the addressee named and may contain confidential information. If you are not the intended recipient or received it in error, please delete the message and notify sender. Views expressed are those of the individual sender and are not necessarily the views of their organisation.
Gerald (Jerry) Carter
2005-Jul-30 04:57 UTC
[Samba] Duplicate entries in winbindd_idmap.tdb
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 tom.regan@dpi.nsw.gov.au wrote: | We are having problems with numerous duplicate entries in | winbindd_idmap.tdb resulting in the available userid | range set in smb.conf being quickly and repeatedly exhausted. | The duplicate entries all appear to have a WBA_PASSWD key, e.g Set 'winbind enable local accounts = no' in smbn.conf. This parameter and the associated functionality has been removed in the upcoming 3.0.20 release. cheers, jerry ====================================================================Alleviating the pain of Windows(tm) ------- http://www.samba.org GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc "I never saved anything for the swim back." Ethan Hawk in Gattaca -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC6qpyIR7qMdg1EfYRAsk8AJ9P3KGZqLfBsnX/XJ/eri4rkT0bTgCgyUr9 gCte+hJ1kkVXrs91MiW1sw0=ZcQt -----END PGP SIGNATURE-----