Jun 10 02:31:05 wwweng1 winbindd[4233]: ldap_allocate_id: single sambaUnixIdPool object not found
Jun 10 02:31:05 wwweng1 winbindd[4233]: [2004/06/10 02:31:05, 0] sam/idmap_ldap.c:ldap_allocate_id(413)
Jun 10 02:31:05 wwweng1 winbindd[4233]: [2004/06/10 02:31:05, 0] sam/idmap_ldap.c:ldap_get_id_from_sid(621)
Jun 10 02:31:05 wwweng1 winbindd[4233]: ldap_allocate_id: cannot acquire id lock!
and the getent returns nothing from winbind.
You need to add a sambaUnixIdPool object inside of your IdMap ou. This
will give samba it's starting UID number and some other things. Just
make sure you have all of the required attributes filled out in that
object and then samba(winbind) will start adding subobjects of it
automatically when new users connect the first time.
When I remove the "ldap" entries from smb.conf, the getnet command works fine. (so
winbind is working)
As for DSA, I am not sure what you mean. I am doing nothing fancy like SSL or the like.
Thanks,
JMS
P.S.
My SLDAP.CONF:
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
#pidfile //var/run/slapd.pid
#argsfile //var/run/slapd.args
# Create a replication log in /var/lib/ldap for use by slurpd.
#replogfile /var/lib/ldap/master-slapd.replog
# Load dynamic backend modules:
# modulepath /usr/sbin/openldap
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la
#
# The next two lines allow use of TLS for connections using a dummy test
# certificate, but you should generate a proper certificate by changing to
# /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions on
# slapd.pem so that the ldap user or group can read it.
# TLSCertificateFile /usr/share/ssl/certs/slapd.pem
# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
#
# Sample Access Control
# Allow read access of root DSE
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
#
#access to dn="" by * read
#access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default is:
# Allow read by all
#
# rootdn can always write!
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
suffix "dc=softeng,dc=com"
rootdn "cn=Manager,dc=softeng,dc=com"
rootpw {SSHA}l3niIBoW8kJe1gEzqK5VW426vNh+PW69
directory /var/lib/ldap
# Indices to maintain
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial
# Replicas to which we should propagate changes
#replica host=ldap-1.example.com:389 tls=yes
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/[EMAIL PROTECTED]
--
Paul Gienger Office: 701-281-1884
Applied Engineering Inc. Cell: 701-306-6254
Information Systems Consultant Fax: 701-281-1322
URL: www.ae-solutions.com mailto:[EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
