> There are more details in your log: > > DORSEYLAW\hernandez.jose.a: idmap failed > idmapd[380]: ... Database error on /var/run/idmap/idmap.db > while executing UPDATE idmap_cache SET w2u = 0 WHERE sidprefix = > 'S-1-5-21-1488354695-889791976-755307947' AND rid = 89284 > AND w2u = 1 AND pid >= 2147483648 AND is_user = 1; (columns > sidprefix, rid, is_user, w2u are not unique) > > You have an idmap database problem. If you would like to send a copy > of your database to us, we can analyze it. There are two files: > > /var/idmap/idmap.db > /var/run/idmap/idmap.db > > Otherwise, you can stop the idmap and smb/server services, delete both > of those files and restart the services: > > svcadm disable idmap smb/server > rm /var/idmap/idmap.db /var/run/idmap/idmap.db > svcadm enable -r smb/server > > The -r will start the idmap service as an smb/server dependency.
Just to be clear. That idmap error happened ONLY after I mapped the uid of my domain user to a unixuser on the box. Before I did the manual mapping, idmap was still complaining with: smbd[1327]: [ID 266262 daemon.error] DORSEYLAW\hernandez.admin: idmap failed everytime I tried to list the shares on the box by doing \\mpnfs01 on my windows box. So to recap: 1. I can make the opensolaris server join the domain just fine. 2. idmap dump -n can see AD uid and gid info 3. I grant permissions to the NUMERIC uid of my Active Directory to the zfs filesystem via via /usr/bin/chmod. 4. I try to browse to \\mpnfs01 to list the shares and get an authentication prompt on my Windows XP client. Logs on the opensolaris box shows "smbd[1327]: [ID 266262 daemon.error] DORSEYLAW\hernandez.admin: idmap failed" My understanding is that at this point this should be working. Doing an idmap of the AD uid to a user uid is entirely optional, is it not? -- This message posted from opensolaris.org _______________________________________________ cifs-discuss mailing list cifs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
