samba - Sep 2005 - winbindd ADS Windows 2003 SFU idmap=ad, with Suse Linux 9.1, no AD UID or GID

Hi,

I'm trying to get winbindd to obtain uid and gid info from M$ AD (Windows 
2003 Server SP1). I'm getting the home directory and default shell info from
AD. I assume I have something wrong in my smb.conf, but cannot figure out 
what it is:

testparm
Load smb config files from /usr/local/samba//lib/smb.conf
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions

[global]
        workgroup = BSS
        realm = BSS.PHY.PRIVATE.CAM.AC.UK
        security = ADS
        password server = sd1.bss.phy.private.cam.ac.uk
        idmap backend = ad
        idmap uid = 100-20000
        idmap gid = 100-20000
        winbind separator = #
        winbind cache time = 600
        winbind nss info = sfu


getent gives:
BSS#bob:x:105:100:bob:/homely/bob:/bin/sh
BSS#mr:x:106:100:mr:/homes/mr:/bin/bash

bob UID should be 10002 and GID of 500.
the UID and GID appear to me to be assigned in numerical order starting from 
100
as specified by the idmap_uid range.

entries in nsswitch.conf;
passwd:     files winbind nis
shadow:     files nis
group:      files winbind nis
hosts:      files dns

samba is built with:
./configure --prefix=/usr/local/samba/ --with-ldap --with-ads --with-krb5
--with-pam --with-winbind --with-shared-modules=idmap_ad --with-acl-support
--with-quotas

cp libnss_winbind.so /lib/
cp pam_winbind.so /lib/security/
cp ./source/bin/idmap_ad.so /usr/local/samba/lib/idmap/ad.so


Thanks, in advance, for any ideas.

cheers,

Mike.

Mike,

You want user bob to have uid 10002 and gid 500 but you've got:
>      idmap uid = 100-20000
>      idmap gid = 100-20000
which will make winbindd map uid starting at 100 and gid's starting at 
100.

I think you want to change these lines to

         idmap uid = 10000-20000
         idmap gid = 500-1000

Have you also got winbind enum users = yes and winbind enum groups = yes 
in
your [global] section of smb.conf?

Regards,

Jamin