Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[Samba] idmap config range problem
436 views
Skip to first unread message
Sebastian Neustein
Apr 10, 2012, 8:30:01 AM4/10/12
to
Hi everyone
after upgrading to the current samba version I found some
idmap uid deprecated
messages in my logs or when I used smbstatus.
I found out I need to use
idmap config
now.
Now my questions;
- when setting
idmap config * : range = 1000 - 2000
I get following log messages:
"no backend defined for idmap config DOM"
"idmap range not specified for domain DOM"
wbinfo --allocate-uid works
net rpc user add works too
- when I set
idmap config DOM : range = 1000 - 2000
idmap config DOM : backend = tdb
I get tons of log messages saying
"idmap range not specified for domain *"
wbinfo --allocate-uid: "failed to call wbcAllocateUid: WBC_ERR_DOMAIN_NOT_FOUND"
- when I set
idmap config * : range = 12000 - 20000
idmap config DOM : range = 90000 - 99999
idmap config DOM : backend = tdb
log message: nothing
wbinfo --allocate-uid: "failed to call wbcAllocateUid:
WBC_ERR_DOMAIN_NOT_FOUND Could not allocate a uid"
net rpc user add name: "Failed to add user 'name' with error: A device
attached to the system is not functioning.."
After these changes and before restarting winbindd I deleted the
winbindd-idmap.tdb file. This gave the log message: "Upgrading
winbindd_idmap.tdb from an old version"
After reading the man page I understood that the first version should be
sufficient. But apparently it's not - though it's still the best working
solution. The howtos on the samba page still use the old idmap gid range
version. I could not find anything on this.
Anyway how do I know which name for DOM do I need to use?
I use samba 3.6.3 from debian squeeze-backports and debian stable.
my smb.conf:
[global]
workgroup = DOM
netbios name = DOMServer
interfaces = eth0 127.0.0.1
bind interfaces only = true
server string = DOM Samba Server
# domain settings
domain master = yes
domain logons = yes
# become local master browser
os level = 100
preferred master = yes
# maybe wins support - needs changes to dhcp server
wins support = no
# ldap settings
passdb backend = ldapsam
ldap suffix = dc=domain,dc=de
ldap admin dn = cn=samba,dc=domain,dc=de
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap idmap suffix = ou=idmaps
ldap ssl = no
ldapsam:trusted = yes
ldapsam:editposix = yes
# winbind settings
idmap config * : range = 12000 - 20000
idmap config DOM : backend = tdb
idmap config DOM : range = 90000 - 99999
# logon
logon path = \\%N\profiles\%U\%a
logon script = logon.bat
logon drive = i:
# create mask
create mask = 740
directory mode = 750
force create mode = 020
force directory mode = 020
# logging
log file = /var/log/samba/log.smbd.%m
log level = 1
syslog = 0
# max log size = 5000 default
# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d
# printing - disabled
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
time server = yes
unix extensions = false
# vfs module vfs_acl_xattr - all NT ACL are saved
vfs object = acl_xattr
Thanks for any help
Regards
Sebastian
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
after upgrading to the current samba version I found some
idmap uid deprecated
messages in my logs or when I used smbstatus.
I found out I need to use
idmap config
now.
Now my questions;
- when setting
idmap config * : range = 1000 - 2000
I get following log messages:
"no backend defined for idmap config DOM"
"idmap range not specified for domain DOM"
wbinfo --allocate-uid works
net rpc user add works too
- when I set
idmap config DOM : range = 1000 - 2000
idmap config DOM : backend = tdb
I get tons of log messages saying
"idmap range not specified for domain *"
wbinfo --allocate-uid: "failed to call wbcAllocateUid: WBC_ERR_DOMAIN_NOT_FOUND"
- when I set
idmap config * : range = 12000 - 20000
idmap config DOM : range = 90000 - 99999
idmap config DOM : backend = tdb
log message: nothing
wbinfo --allocate-uid: "failed to call wbcAllocateUid:
WBC_ERR_DOMAIN_NOT_FOUND Could not allocate a uid"
net rpc user add name: "Failed to add user 'name' with error: A device
attached to the system is not functioning.."
After these changes and before restarting winbindd I deleted the
winbindd-idmap.tdb file. This gave the log message: "Upgrading
winbindd_idmap.tdb from an old version"
After reading the man page I understood that the first version should be
sufficient. But apparently it's not - though it's still the best working
solution. The howtos on the samba page still use the old idmap gid range
version. I could not find anything on this.
Anyway how do I know which name for DOM do I need to use?
I use samba 3.6.3 from debian squeeze-backports and debian stable.
my smb.conf:
[global]
workgroup = DOM
netbios name = DOMServer
interfaces = eth0 127.0.0.1
bind interfaces only = true
server string = DOM Samba Server
# domain settings
domain master = yes
domain logons = yes
# become local master browser
os level = 100
preferred master = yes
# maybe wins support - needs changes to dhcp server
wins support = no
# ldap settings
passdb backend = ldapsam
ldap suffix = dc=domain,dc=de
ldap admin dn = cn=samba,dc=domain,dc=de
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap idmap suffix = ou=idmaps
ldap ssl = no
ldapsam:trusted = yes
ldapsam:editposix = yes
# winbind settings
idmap config * : range = 12000 - 20000
idmap config DOM : backend = tdb
idmap config DOM : range = 90000 - 99999
# logon
logon path = \\%N\profiles\%U\%a
logon script = logon.bat
logon drive = i:
# create mask
create mask = 740
directory mode = 750
force create mode = 020
force directory mode = 020
# logging
log file = /var/log/samba/log.smbd.%m
log level = 1
syslog = 0
# max log size = 5000 default
# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d
# printing - disabled
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
time server = yes
unix extensions = false
# vfs module vfs_acl_xattr - all NT ACL are saved
vfs object = acl_xattr
Thanks for any help
Regards
Sebastian
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
0 new messages