Figure this out a little further: I had the following in my smb.conf: idmap uid = 10000-20000 idmap gid = 10000-20000 idmap backend = ldap:ldap://localhost ldap admin dn = cn=manager,dc=navis,dc=net ldap suffix = "ou=smb,dc=navis,dc=net" ldap idmap suffix = "ou=idmap"
I took the quotes off and now Winbind seems to connect to LDAP fine: ldap suffix = ou=smb,dc=navis,dc=net ldap idmap suffix = ou=idmap I'm now getting this when I start Winbind in the Winbind log: [2005/03/21 11:16:25, 5] lib/gencache.c:gencache_init(59) Opening cache file at /var/lock/samba/gencache.tdb [2005/03/21 11:16:25, 5] libsmb/namecache.c:namecache_enable(58) namecache_enable: enabling netbios namecache, timeout 660 seconds [2005/03/21 11:16:25, 5] sam/idmap.c:smb_register_idmap(91) smb_register_idmap: Successfully added idmap backend 'ldap' [2005/03/21 11:16:25, 5] sam/idmap.c:smb_register_idmap(91) smb_register_idmap: Successfully added idmap backend 'tdb' [2005/03/21 11:16:25, 3] sam/idmap.c:idmap_init(132) idmap_init: using 'ldap' as remote backend [2005/03/21 11:16:25, 5] lib/smbldap.c:smbldap_search(1038) smbldap_search: base => [ou=idmap,ou=smb,dc=navis,dc=net], filter => [(objectclass=sambaUnixIdPool)], scope => [2] [2005/03/21 11:16:25, 5] lib/smbldap.c:smbldap_close(949) The connection to the LDAP server was closed [2005/03/21 11:16:25, 2] lib/smbldap.c:smbldap_open_connection(692) smbldap_open_connection: connection opened [2005/03/21 11:16:26, 3] lib/smbldap.c:smbldap_connect_system(866) ldap_connect_system: succesful connection to the LDAP server ldap_connect_system: LDAP server does support paged results [2005/03/21 11:16:26, 4] lib/smbldap.c:smbldap_open(929) The LDAP server is succesfully connected [2005/03/21 11:16:26, 2] lib/tallocmsg.c:register_msg_pool_usage(57) Registered MSG_REQ_POOL_USAGE [2005/03/21 11:16:26, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71) Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED [2005/03/21 11:16:26, 2] nsswitch/winbindd_util.c:add_trusted_domain(175) Added domain HQ HQ.NAVIS.NET S-0-0 [2005/03/21 11:16:26, 4] passdb/secrets.c:secrets_fetch_trust_account_password(290) Using cleartext machine password However I still think there is a problem because getent passwd only returns local usernames. When I'm not using the ldap idmap backend getent passwd runs as expected giving both local and domain usernames. Any help appreciated, Theo -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Theodore Jencks Sent: Monday, March 21, 2005 9:52 AM To: [email protected] Subject: RE: [Samba] idmap LDAP backend Ok, I made the change however the LDAP backend for idmap is still not working. I set Winbind to debugging level 5 and get the following in the logs: [2005/03/21 09:45:05, 2] lib/interface.c:add_interface(81) added interface ip=192.168.192.112 bcast=192.168.195.255 nmask=255.255.252.0 [2005/03/21 09:45:05, 5] lib/util.c:init_names(256) Netbios name list:- my_netbios_names[0]="THEO" [2005/03/21 09:45:05, 2] lib/interface.c:add_interface(81) added interface ip=192.168.192.112 bcast=192.168.195.255 nmask=255.255.252.0 [2005/03/21 09:45:05, 5] lib/gencache.c:gencache_init(59) Opening cache file at /var/lock/samba/gencache.tdb [2005/03/21 09:45:05, 5] libsmb/namecache.c:namecache_enable(58) namecache_enable: enabling netbios namecache, timeout 660 seconds [2005/03/21 09:45:05, 5] sam/idmap.c:smb_register_idmap(91) smb_register_idmap: Successfully added idmap backend 'ldap' [2005/03/21 09:45:05, 5] sam/idmap.c:smb_register_idmap(91) smb_register_idmap: Successfully added idmap backend 'tdb' [2005/03/21 09:45:05, 3] sam/idmap.c:idmap_init(132) idmap_init: using 'ldap' as remote backend [2005/03/21 09:45:05, 5] lib/smbldap.c:smbldap_search(1038) smbldap_search: base => ["ou=idmap","ou=smb,dc=navis,dc=net"], filter => [(objectclass=sambaUnixIdPool)], scope => [2] [2005/03/21 09:45:05, 5] lib/smbldap.c:smbldap_close(949) The connection to the LDAP server was closed [2005/03/21 09:45:05, 2] lib/smbldap.c:smbldap_open_connection(692) smbldap_open_connection: connection opened [2005/03/21 09:45:05, 3] lib/smbldap.c:smbldap_connect_system(866) ldap_connect_system: succesful connection to the LDAP server ldap_connect_system: LDAP server does support paged results [2005/03/21 09:45:05, 4] lib/smbldap.c:smbldap_open(929) The LDAP server is succesfully connected [2005/03/21 09:45:05, 0] sam/idmap.c:idmap_init(138) idmap_init: failed to initialize remote backend! Looks like it tries to get what are called paged results and then it fails to initialize remote backend. I'm not quite sure what is going on here and any further guidance would be greatly appreciated. Thanks in advance, Theo -----Original Message----- From: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED] Sent: Friday, March 18, 2005 7:18 AM To: Theodore Jencks Cc: [email protected] Subject: Re: [Samba] idmap LDAP backend -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Theodore Jencks wrote: | ldap idmap suffix = "ou=idmap,ou=smb,dc=navis,dc=net" | ldap suffix = "ou=smb,dc=navis,dc=net" change this to ldap suffix = "ou=smb,dc=navis,dc=net" ldap idmap suffix = "ou=idmap" cheers, jerry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCOvELIR7qMdg1EfYRAqkxAJ4wivlVYXp6DmKIaXbl786I7CQOLwCfXL6w XIO2bFqLhparOqZGF0BdgWo= =MKbV -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
