Prev: [Samba] interdomain trusts / wbinfo and listent_recv: returned no users
Next: [Samba] disconnecting user from only one share
From: Gaiseric Vandal on 4 May 2010 16:40
Some time back I upgraded a domain controller (Solaris 10) from samba
3.0.x to 3.4.5

In order to support interdomain trusts I am using winbind and idmap
allocation with a samba backend. Since the upgrade it appears that
samba is no allocating uid and gid's for trusted domain.

my smb.conf looks something like:


----------------------------------------------------------------------------------------------------------------------------

winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = no
winbind trusted domains only = no

# The "idmap domains" has been deprecated in 3.4
# idmap domains = DOMAIN_A DOMAIN_B DOMAIN_C
# Next two lines restored in 3.4 - but prob don't need
idmap uid = 30000-59999
idmap gid = 30000-59999



idmap config DOMAIN_A:backend = ldap
idmap config DOMAIN_A:readonly = no
idmap config DOMAIN_A:default=no
idmap config DOMAIN_A:ldap_base_dn = ou=domain_a,ou=idmap,o=mydomain.com
idmap config DOMAIN_A:ldap_user_dn = cn=Directory Manager
idmap config DOMAIN_A:ldap_url = ldap://ldap1.domain.com
idmap config DOMAIN_A:range = 30000-39999

idmap config DOMAIN_B:backend = ldap
idmap config DOMAIN_B:readonly = no
idmap config DOMAIN_B:default=no
idmap config DOMAIN_B:ldap_base_dn = ou=domain_b,ou=idmap,o=mydomain.com
idmap config DOMAIN_B:ldap_user_dn = cn=Directory Manager
idmap config DOMAIN_B:ldap_url = lldap://ldap1.domain.com
idmap config DOMAIN_B:range = 40000-45999
.....



----------------------------------------------------------------------------------------------------------------------------


Domain_A (Windows 2003 AD in Mixed mode) has entries from prior to the
upgrade and hasn't had new accounts added recently. Domain_B (Windows
2008 in Windows 2003 mode) is a new addition. No idmap entries ever
populated. They should have populated after I ran "wbinfo -u" and
"getent passwd" on the samba PDC.


Any ideas?

Thanks




--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
 | 
Pages: 1
Prev: [Samba] interdomain trusts / wbinfo and listent_recv: returned no users
Next: [Samba] disconnecting user from only one share