-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey Ross,
> I'm having problems getting the new idmap_adex module to work. Sorry about that. > When using the idmap_adex plugin I get the following: > > # wbinfo -n administrator > S-1-5-21-XXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-500 User (1) > # wbinfo -i administrator > Could not get info for user administrator > > As expected attempting to lookup user & group info > via commands which use libnss also fail. > > The "administrator" account is setup with all the necessary > rfc2307 attributes and works fine with the idmap_ad plugin. > The uidNumber, gidNumber, and uid attributes have been added > to the forests partial attribute set, as recommended by then > idmap_adex man page. > > Idmap log throws up a couple of interesting lines (full log below): > 1) "NT_STATUS_NO_LOGON_SERVERS"; although wbinfo --online-status > says domain is online and name to sid lookups work ok. > 2) "could not find idmap alloc module adex"; idmap module is > installed at /usr/lib/samba/idmap/adex.so, ad.so is in the same > folder. idmap_adex doesn't do uid/gid allocation so this is a normal message. > Domain & forest functional level are both Windows Server 2003. > Running Samba/Winbind 3.3.1 on RHEL5, built from Fedora > rawhide SRPM. > > Here is my smb.conf > [global] > workgroup = LOCAL ... The conf file looks fine. > And here is log-winbindd-idmap at debug level 10: > ... > [2009/03/26 09:12:45, 10] > winbindd/idmap_adex/likewise_cell.c:cell_do_search(382) > cell_do_search: Base = , Filter = (objectSid=\XX\....), Scope = 2, GC = yes > [2009/03/26 09:12:45, 10] > winbindd/idmap_adex/likewise_cell.c:cell_connect_dn(339) > Failed! (NT_STATUS_NO_LOGON_SERVERS) Any chance i could get you to send me a network sniff of the failure (off list)? E.g. $ tcpdump -s 0 -w /tmp/dump.pcap \ port 88 or port 53 or port 3268 or port 389 cheers, jerry - -- ===================================================================== Samba ------- http://www.samba.org Likewise Software --------- http://www.likewise.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknLpngACgkQIR7qMdg1Efbn/ACfSlhx2g6hTXABULtMMtB3JcvA 5cMAn3f5XdUwzgJtVd0AoLsiqPYh932R =w1qw -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba