Solved.
After adding the explicit "idmap alloc" section, I had to do "net
idmap secret alloc <secret>". Still not sure why it had worked before
without idmap alloc though.
On Mar 8, 2009, at 2:31 PM, Hugo Mallinson wrote:
Sorry: Samba 3.2.8-0.26 running on Intel FC9.
On Mar 8, 2009, at 2:08 PM, Hugo Mallinson wrote:
Hi, we've had a machine happily authenticating to an ADS domain for
about a year now, and it's recently stopped working (possibly due
to changes in the domain or a samba upgrade, unfortunately I'm not
sure). We're using an ldap idmap backend running on the local
machine.
Now though, new domain users can't log in. Running "wbinfo -i
newuser" returns an error. However users can use wbinfo -a to
authenticate, and previously registered users can still log in
fine. The problem seems to be with the sid->uid mapping. I can
manually add an LDAP entry for the new user's sid and make up a uid
and the login works as normal. Specifically "wbinfo --allocate-uid"
says it cannot allocate a uid.
Could someone please help?
smb.conf:
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba