similar to: Winbind+OpenLDAP: Id mapping data is stored partially

Hi! Since upgrade to Samba 3.6.9, I am experiencing problems concerning winbind idmapping. I am using an LDAP directory with RFC 2307 accounts and sambaSamAccount sambaSID entries for each local domain user. SIDs for other domains should be stored in sambaIdmapEntry objects in a separate LDAP tree. The problem is that winbind doesn't seem to map SIDs from the local domain to unix IDs.

I am sure that I don't quite have LDAP setup with the proper Samba entries, but I only need a "bread crumb" to get me pointed in the right direction. Where do I find some information on how and where to place the sambaGroupMapping, sambaUnixIdPool, sambaIdmapEntry (automatically created?), and sambaSidEntry in the LDAP tree. Could someone just give me a little hint as to where the

Hi everybody, I'm new to this mailing list, i need help about a configuration with Samba / Openldap. I have a samba server with shared folders, where users authenticate with a determined login/password. I would like to use my directory (openldap) to authenticate my users to access the shared folders. I do not want to use samba as a domain controller, just to authenticate the users with

I'm using samba 3.0.4 with ldapsam as a pdc. When I try to create a group, samba correctly runs the add group script, which creates an LDAP entry with objectClass set to posixGroup and gidNumber set to the gid I want to use and cn set to the group name. The next thing samba does is look for the posix group with the following filters: [(&(objectClass=sambaGroupMapping)(gidNumber=0))]

I can NOT find any information on how to get the following into the LDAP tr= ee (and where they should be located) from the documentation. I am definite= ly an LDAP beginner and assembling the tree from reading schema's is still = over my head. I am able to connect to samba using only LDAP authentication = and can add users, but that is all I can successfully do, "net groupmap add=

Hi, I'm having some problems in the following situation: - a SLES9 PDC (Samba/OpenLDAP) - a IBM NAS500 Gateway, supposed to be a storage with SMB features, but Samba is far better than that I've got Samba 3.0.23 working, and i can see my LDAP users/groups (through aix native ldap client -- i mean, the "id" command returns every user found in the base). However, i'm not

I have an existing PDC which I am attempting to move across to a new server. On the new server, I'm having trouble with idmap (using an LDAP backend) and trusted domains. The smb.conf file is the same on both servers. My idmap & winbind parameters are as follows: ldap idmap suffix = ou=idmap idmap backend = ldap:ldap://127.0.0.1 idmap uid = 10000-29000 idmap gid = 10000-29000 winbind

Hi there, I'm running Samba 3.0.14a-sernet on Suse 9.1 using ldapsam. I've got an interdomain trust setup across a vpn connection with a 2k3sp1 domain (DOMB). The trust works. What is strange is that a user from DOMB can't access any shares until they browse a share on our domain controller, say netlogon, then samba creates a new posix account for them in the ou=users base. I have

Hi all, I have Samba server joined Active Directory domain based on win2008r2, using LDAP as idmap backend. Recently I upgraded from 3.3.x to 3.5.x (Sernet RPMs for Centos4). Now I constantly observe those messages in log: [2011/02/03 09:10:25.696896, 0] winbindd/idmap_ldap.c:1471(idmap_ldap_set_mapping) ldap_set_mapping_internals: Failed to add S-1-5-21-3807515285-1394671770-2144936185-513

When I run net add groupmap rid=512 ntgroup="Domain Admins" UNIXgroup="ntadmins" i get this error: adding entry for group Domain Admins failed! The error isn't very specific and the log doesn't show any error. I look in the log (log level -1 in slapd.conf) and I can tell it is able to search. I can post the syslog if you need it. I think their is an error in my

Hi I have a little problem with my ldap authorization of samba against Novel LDAP server. This is the log output from the Novel Ldap server: ---------------------------------------------------------------------------------------------------- New TCP connection 0xcb1e3980, monitor = 0x1bf, index = 2 (0xcb1e3980:0x0001:0x60) DoBind on connection 0xcb1e3980 (0xcb1e3980:0x0001:0x60) DoBind: name =

Hello to all, I have successfully installed Samba as PDC using LDAP. Also I use the Winbindd + libnss_winbind to handle Unix/system accounts and use "wbinfo -c username" to create unix accounts for newly created users. I have the following options in my smb.conf: add user script = /usr/local/sbin/wb_adduser.sh %u delete user script = /usr/local/sbin/wb_deluser.sh %u After some testing

hi, I set up a winbindd with a ldap backend, here is the relevant part of my smb.conf: idmap backend = ldap:ldap://mail.rhel.homelinux.com ldap admin dn = cn=winbind,dc=example,dc=com ldap suffix = dc=example,dc=com ldap idmap suffix = ou=idmap On the ldap server I set up the ou=idmap and also permissions for cn=winbind to write into the ou=idmap: access to

hi, can somebody explain, how the idmap backend with ldap works exactly. sorry for that stupid questions, but the docu is not clear for me. http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ idmapper.html#id2588292 i understand the idmap topic/difficulty, why i need this, but how the ldap get filled with idmap entries? automatically/dynamically if winbind is running? or

Dear Sirs, I did the following command (against ldapsam backend): net groupmap add rid=3002 unixgroup=wheel type=local ntgroup=Marketoids comment=Mm -d 10 I just wanted to add new group. But instead of that I saw many-many-many records: lib/smbldap.c:smbldap_search(963) passdb/pdb_ldap.c:ldapsam_getgroup(2008) they all wanted to find group with gidNumber=4294967295, yes, sure, there's

I am running Samba 3.4.7on Fedora Core 11 Linux. This is a domain member. My PDC is Samba 3.4.9 on Solaris 10. I have LDAP as a backend (Sun/Oracle Directory Server 6.) I have an OU for user accounts, and an OU for idmap entries. The PDC has already populated some idmap entries. An idmap entry looks like dn: sambaSID=S-1-5-21-xxxxxxxxxxxxxxx-1121,ou=mydomain,ou =idmap,o=mycomany.com

Thanks for your help in adance !!! I work with SAMBA HEAD since alpha24. I have running a BDC, PDC, Printserver on 3 separate pc's. In my domain is integrated a nativ w2k Fileserver ( Dell Nas PowerVault 725 ) for fileserving. Passwords are held in LDAP on every (Linux) machine pam-ldap works. Every thing was fine before the last update to BETA 3. Problem : I was updating from BETA 2 to

I have recently upgraded a Samba server running on a Red Hat Enterprise 4 (32 bit) server. The version of samba upgraded to is 3.0.25b. I noticed that a new index had to be added to my ldap (openldap) server for the sambaSID attribute. So I added the index line to slapd.conf as follows: Index sambaSID eq,sub Afterwards I ran slapindex to recreate the indices in the openldap database.

I am still trying to troubleshoot my problem of not being able to join computers to the domain. I have found this comment by John Terpstra:- >Newsgroups: linux.samba >From: John H Terpstra <j...@samba.org> - Find messages by this author >Date: Wed, 14 Jan 2004 00:00:17 +0100 >Curtis, >Do not set the UID of Administrator to 0, it will break winbind use. >Instead, use the

Hello, I have a Debian Squeeze server and want to configure Samba + OpenLDAP on it. Following some documentation I've found over Internet, I see that I must include the "samba schema" in OpenLDAP but apart from this, I've installed on the same server a software called "gosa" and it has a samba schema called "samba3.schema" which I don't know if