[Samba] idmap for trusted domain changing over time
This is a discussion on [Samba] idmap for trusted domain changing over time within the Samba forums, part of the Networking and Network Related category; Hello I'm experiencing a weird behaviour with idmapping/winbindd. I have two samba controlled domains with one trusting the ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-11-2008
|
|||
|
|||
[Samba] idmap for trusted domain changing over time
Hello
I'm experiencing a weird behaviour with idmapping/winbindd. I have two samba controlled domains with one trusting the other and using winbindd to map trusted domain groups and users. This works quite well, but after some time, I can see the unix uid/gid allocated for the trusted domain groups/users being changed, and this keeps on changing approximatively every 2 hours. At samba/winbindd startup I have the uid/gid allocated starting at the beginning of the range in "idmap alloc config:range" directive. Also, I may have trouble with my configuration, because the trusted domain uid/gid are not allocated in the range given by the "idmap config DOMB:range" directive, and at startup, I get the gids allocated to BUILTIN groups overlapping the gids allocated to the trusted domain. Here is the relevant section of my smb.conf : idmap domains = DOMB idmap backend = idmap alloc backend = tdb idmap cache time = 900 idmap negative cache time = 120 idmap uid = idmap gid = template homedir = /home/%D/%U template shell = /bin/false winbind separator = \ winbind cache time = 300 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = No winbind trusted domains only = No winbind nested groups = Yes winbind nss info = template winbind refresh tickets = No winbind offline logon = No winbind normalize names = No winbind:rpc only = yes idmap config DOMB:range = 4000-4999 idmap config DOMB:default = Yes idmap config DOMB:backend = tdb idmap alloc config:range = 3000-4999 Anybody can help ? -- François Legal Message scanned by ClamAV engine (http://www.clamav.net) -------------------------------------------------------- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba 
|
|
06-11-2008
|
|||
|
|||
|
Re: [Samba] idmap for trusted domain changing over time
I forgot to precise I'm using 3.0.29
> Hello > > I'm experiencing a weird behaviour with idmapping/winbindd. > > I have two samba controlled domains with one trusting the other and using > winbindd to map trusted domain groups and users. > This works quite well, but after some time, I can see the unix uid/gid > allocated for the trusted domain groups/users being changed, and this > keeps on changing approximatively every 2 hours. > At samba/winbindd startup I have the uid/gid allocated starting at the > beginning of the range in "idmap alloc config:range" directive. > > Also, I may have trouble with my configuration, because the trusted domain > uid/gid are not allocated in the range given by the "idmap config > DOMB:range" directive, and at startup, I get the gids allocated to BUILTIN > groups overlapping the gids allocated to the trusted domain. > > Here is the relevant section of my smb.conf : > > idmap domains = DOMB > idmap backend = > idmap alloc backend = tdb > idmap cache time = 900 > idmap negative cache time = 120 > idmap uid = > idmap gid = > template homedir = /home/%D/%U > template shell = /bin/false > winbind separator = \ > winbind cache time = 300 > winbind enum users = Yes > winbind enum groups = Yes > winbind use default domain = No > winbind trusted domains only = No > winbind nested groups = Yes > winbind nss info = template > winbind refresh tickets = No > winbind offline logon = No > winbind normalize names = No > winbind:rpc only = yes > idmap config DOMB:range = 4000-4999 > idmap config DOMB:default = Yes > idmap config DOMB:backend = tdb > idmap alloc config:range = 3000-4999 > > Anybody can help ? > > -- > François Legal > > > Message scanned by ClamAV engine (http://www.clamav.net) > -------------------------------------------------------- > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > > > Message scanned by ClamAV engine (http://www.clamav.net) > -------------------------------------------------------- > -- François Legal Message scanned by ClamAV engine (http://www.clamav.net) -------------------------------------------------------- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 02:33 PM.
