On 02/03/2011 00:53, Matt Harrison wrote:
Hi list,

A couple of years ago I set up a zfs/smb/idmap server talking to my Active Directory. Everything works well and, except for the occasional reboots, I don't usually have any problems.

I had to sync my clock with the domain controller (>300 seconds out) but after that I was getting idmap errors (RPC connection problems). I followed the steps posted in a message I found through Google, which ended up removing my mappings. I thought I could remember them.

Now I have idmap running, but adding some maps results in a constant "GENESTATE\matt: idmap failed".

I've tried maps for my main user such as:

# idmap add "winuser:*@genestate.com" "unixuser:*"
# idmap add winuser:m...@genestate.com unixuser:matt
# idmap add winuser:"*@genestate.com" unixuser:"*"

and various other permutations. Originally, I had a wildcard map like the first line above, plus a map for Domain Admins and one for Domain Users.

Well, nothing I can pull from my memory or from Google will allow me access to my fileserver again. I did have it all written down but that is now lost (of course). Nor can I find the original guides I made my notes from.

Can someone please shed some light as I'm currently stuck without any access at all.

OK, turns out it was a misconfiguration of my DNS server which had only shown up after idmap was restarted/the machine was rebooted. Idmap now seems to work fine and I have access again. The key was to turn on idmap debug logging so I noticed it wasn't finding a PDC.

Thanks
_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
