Hello, I have a PDC running on SLES 10 which is using an ldap password backend and is suppose to be using ldap Idmap as well. My problem seems to be that my PDC is not writing any entries to the ldap idmap. Everything works just fine on the PDC, shares and what not, but I can not get a Samba domain member server to share anything properly. I get permissions errors and other problems like that. For example on the members server, it uses ldap for authentication so that ldap users can login to that machine (mostly just me) and this also helps because it is aware of all the usernames and group names, which simplifies permissions I think. The problem is shares on this server do not function correctly. When looking from windows the shares do not seem to belong to the correct group (for example one set to it on the server ends up as administration on the windows security page) and even if I am a member of all the groups I get a permission denied when I try to create new folders. The reason I think it is an idmap problem is because no entries are created in the idmap section in ldap by the pdc and because of the miss used groups I described above. One other thing is, the Domain Member server seems to write two entries to the idmap in ldap if it does not exist already. I am really at a loss as to how to proceed with this setup to correct my problem. If someone on here has any suggestions and can explain how I should go about it then please I would greatly appreciate it. Also I have not copied any config files here to avoid flooding, but if anyone would like to see any config file please just ask me and I will provide them. Thank you again, Brent