Hi Robert, Thanks for the response. You are referring to idmap backend = rid
correct? Greg On Tue, 2010-08-24 at 09:10 -0400, Robert Freeman-Day wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I have been the most happy with the hash idmap. It really is the least > invasive and "just works" (does that need to be trademarked these > days?). Since it hashes the SID with the same algorithm, all members > get the same UID/GID mappings, which is a big win. > > Robert > > On 08/23/2010 05:21 PM, Greg Dickie wrote: > > Hi, > > > > Today I'm trying to debug a problem on samba 3.5.4 where a domain > > member server is having trouble mapping UIDs to SIDs. I must admit I > > never really looked at this before as everything seemed to "just work". > > Today I discovered that idmap backend on the PDC and the member server > > were both defaulted to tdb. This means they have independent views of > > UID to SID mappings I guess. That sucks. So I'm looking at the ldap > > backend but I notice that it uses a special ou in the LDAP tree to store > > mappings. Why do we need that if the sambaSamAccount schema also has > > SIDs and UIDs for each user. Also, how is that tree populated? > > > > Looking at my PDC it seems to just pull everything out of gencache.tdb > > or say that no mapping exists. Doing a tdbdump of winbind_idmap.tdb > > shows only a few entries. This seems to be more complicated than I > > expected. I'm sorry if this is a silly question but what am I doing > > wrong? > > > > Thanks a lot, > > Greg > > > > > > > - -- > ________ > > Robert Freeman-Day > > https://launchpad.net/~presgas > GPG Public Key: > http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0xBA9DF9ED3E4C7D36 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkxzxMMACgkQup357T5MfTY0VACfSGOY2vXg05lUplINAeqxr42s > iR0AnA3P/DdGApB0+WIJZTzNN99qiv/z > =ddTf > -----END PGP SIGNATURE----- -- Greg Dickie just a guy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
