Public bug reported:
realmd in ubuntu, when --client-software=winbind was used, is writing
out an obsolete /etc/samba/smb.conf file with regards to the idmap
(identity mapping) configuration.
After the join:
$ sudo realm join -v --client-software=winbind ad1.example.com
* Resolving: _ldap._tcp.ad1.example.com
* Performing LDAP DSE lookup on: 10.51.0.5
* Successfully discovered: ad1.example.com
Password for Administrator:
* Unconditionally checking packages
* Resolving required packages
* Installing necessary packages: samba-common-bin libpam-winbind winbind
* LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.7QYTQ0
-U Administrator ads join ad1.example.com
Enter Administrator's password:
Using short domain name -- AD1
Joined 'G-ADCLIENT1' to dns domain 'ad1.example.com'
* LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.7QYTQ0
-U Administrator ads keytab create
Enter Administrator's password:
* /usr/sbin/update-rc.d winbind enable
* /usr/sbin/service winbind restart
* Successfully enrolled machine in realm
It's writing the following:
idmap backend = tdb
idmap gid = 10000-2000000
idmap uid = 10000-2000000
Samba's testparm tool already flags this as incorrect:
$ testparm
Load smb config files from /etc/samba/smb.conf
WARNING: The "idmap backend" option is deprecated
WARNING: The "idmap gid" option is deprecated
WARNING: The "idmap uid" option is deprecated
The correct config would be:
idmap config AD1 : range = 2000000-2999999
idmap config AD1 : backend = rid
idmap config * : range = 10000-999999
idmap config * : backend = tdb
And testparm is happy:
$ testparm
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
** Affects: realmd (Ubuntu)
Importance: Medium
Assignee: Andreas Hasenack (ahasenack)
Status: In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1894153
Title:
Use current idmap configuration for winbind
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1894153/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
