Hello, I have problem with idmap configuration. I would like to use LDAP as backend for idmap in Samba+ADS environment, but i have following errors in log.winbindd-idmap:
[2011/06/08 16:57:54.805575, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module ldap already registered! [2011/06/08 16:57:54.805618, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module tdb already registered! [2011/06/08 16:57:54.805645, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module passdb already registered! [2011/06/08 16:57:54.805671, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module nss already registered! [2011/06/08 16:57:54.806552, 1] winbindd/idmap_ldap.c:193(verify_idpool) Unable to verify the idpool, cannot continue initialization! [2011/06/08 16:57:54.806642, 0] winbindd/idmap.c:589(idmap_alloc_init) ERROR: Initialization failed for alloc backend, deferred! [2011/06/08 16:57:54.844163, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module ldap already registered! [2011/06/08 16:57:54.844226, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module tdb already registered! [2011/06/08 16:57:54.844254, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module passdb already registered! [2011/06/08 16:57:54.844280, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module nss already registered! [2011/06/08 16:57:54.845341, 1] winbindd/idmap_ldap.c:193(verify_idpool) Unable to verify the idpool, cannot continue initialization! [2011/06/08 16:57:54.845380, 0] winbindd/idmap.c:589(idmap_alloc_init) ERROR: Initialization failed for alloc backend, deferred! [2011/06/08 16:57:54.846287, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module ldap already registered! [2011/06/08 16:57:54.846326, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module tdb already registered! [2011/06/08 16:57:54.846353, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module passdb already registered! [2011/06/08 16:57:54.846380, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module nss already registered! [2011/06/08 16:57:54.847374, 1] winbindd/idmap_ldap.c:193(verify_idpool) Unable to verify the idpool, cannot continue initialization! [2011/06/08 16:57:54.847409, 0] winbindd/idmap.c:589(idmap_alloc_init) ERROR: Initialization failed for alloc backend, deferred! LDAP database is up and running. slapcat: dn: dc=server,dc=nas objectClass: dcObject objectClass: organization dc: server o: server structuralObjectClass: organization entryUUID: 6401d0ac-262b-1030-84d2-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000000#00#000000 modifiersName: cn=admin,dc=server,dc=nas modifyTimestamp: 20110608145736Z dn: cn=admin,dc=server,dc=nas objectClass: organizationalRole objectClass: simpleSecurityObject cn: admin userPassword:: c2VjcmV0 description: LDAP administrator structuralObjectClass: organizationalRole entryUUID: 64127830-262b-1030-84d3-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000001#00#000000 modifiersName: cn=admin,dc=server,dc=nas modifyTimestamp: 20110608145736Z dn: ou=People,dc=server,dc=nas ou: People objectClass: top objectClass: organizationalUnit structuralObjectClass: organizationalUnit entryUUID: 642ad5ec-262b-1030-84d4-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000002#00#000000 modifiersName: cn=admin,dc=server,dc=nas modifyTimestamp: 20110608145736Z dn: ou=ChapPeople,dc=server,dc=nas ou: ChapPeople objectClass: top objectClass: organizationalUnit structuralObjectClass: organizationalUnit entryUUID: 642f6b7a-262b-1030-84d5-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000003#00#000000 modifiersName: cn=admin,dc=server,dc=nas modifyTimestamp: 20110608145736Z dn: ou=Groups,dc=server,dc=nas ou: Groups objectClass: top objectClass: organizationalUnit structuralObjectClass: organizationalUnit entryUUID: 64357e34-262b-1030-84d6-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000004#00#000000 modifiersName: cn=admin,dc=server,dc=nas modifyTimestamp: 20110608145736Z dn: ou=Computers,dc=server,dc=nas ou: Computers objectClass: top objectClass: organizationalUnit structuralObjectClass: organizationalUnit entryUUID: 643a116a-262b-1030-84d7-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000005#00#000000 modifiersName: cn=admin,dc=server,dc=nas modifyTimestamp: 20110608145736Z dn: ou=idmap,dc=server,dc=nas objectClass: organizationalUnit objectClass: top objectClass: sambaUnixIdPool ou: idmap description: idmap uidNumber: 10000 gidNumber: 10000 structuralObjectClass: organizationalUnit entryUUID: 643ea9dc-262b-1030-84d8-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000006#00#000000 modifiersName: cn=admin,dc=server,dc=nas modifyTimestamp: 20110608145736Z dn: sambaDomainName=DSS,dc=server,dc=nas sambaDomainName: DSS sambaSID: S-1-5-21-2206515185-2896615622-3143254707 sambaAlgorithmicRidBase: 1000 objectClass: sambaDomain sambaNextUserRid: 1000 sambaMinPwdLength: 5 sambaPwdHistoryLength: 0 sambaLogonToChgPwd: 0 sambaMaxPwdAge: -1 sambaMinPwdAge: 0 sambaLockoutDuration: 30 sambaLockoutObservationWindow: 30 sambaLockoutThreshold: 0 sambaForceLogoff: -1 sambaRefuseMachinePwdChange: 0 structuralObjectClass: sambaDomain entryUUID: 6470ac16-262b-1030-84d9-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000007#00#000000 modifiersName: cn=admin,dc=server,dc=nas modifyTimestamp: 20110608145736Z dn: cn=users,ou=Groups,dc=server,dc=nas objectClass: posixGroup objectClass: top objectClass: sambaGroupMapping gidNumber: 101 cn: users description: DefaulGroup sambaSID: S-1-5-21-2206515185-2896615622-3143254707-1203 sambaGroupType: 2 displayName: users structuralObjectClass: posixGroup entryUUID: 6475a05e-262b-1030-84da-1370b5f1fe61 creatorsName: cn=admin,dc=server,dc=nas createTimestamp: 20110608145736Z entryCSN: 20110608145736Z#000008#00#000000 modifiersName: cn=admin,dc=server,dc=nas modifyTimestamp: 20110608145736Z cat /etc/samba/smb.conf ... ldap admin dn= "cn=admin,dc=server,dc=nas" ldap suffix= "dc=server,dc=nas" #ldap server= 127.0.0.1 ldap idmap suffix = "ou=idmap" passdb backend = ldapsam:ldap://127.0.0.1:389 idmap backend = ldap:ldap://127.0.0.1:389 idmap uid = 10000-500000 idmap gid = 10000-500000 ... Samba successfully connect to ADS domain but idmapings aren't writen to LDAP database. Best Regards -- You Rock! Your E-Mail Should Too! Signup Now at Rock.com and get 2GB of Storage! http://connections.rock.com/user/displayUserRegisterPage.kickAction?as=116748&STATUS=MAIN -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
