Comment 2 for bug 364105

Edgar Holleis (nospam-indoktrination) wrote :

s/map/resolve/

winbind 2:3.3.2-1ubuntu3 cannot resolve SID->UID. The mapping is there in the AD, automatically created by the user-add script. However, the new version does not return UIDs any more. GIDs continue to work.

AD is and was always readonly. To my knowledge Samba has only recently gained the feature of stacking idmappings, where you layer a writable idmap over the readonly AD-map to handle the case where Samba wants to create a new mapping. When Samba 3.3.2 failed to work as before, I consulted the documentation and found the suggestion that I should layer a writable idmap over the AD-map. I tried to do that, but without success. Samba still fails to resolve UIDs from AD, but instead of complaining it silently allocates a new (and wrong) mapping in the writable backend.

As far as I can remember (it's been a couple of weeks since I found the issue), what works is:
name -> SID (wbinfo -n)
SID -> name (wbinfo -s)
SID -> GID (wbinfo -Y)
GID -> SID (wbinfo -G)

What does not work:
SID -> UID (wbinfo -S)
UID -> SID (wbinfo -U)
And yes, I used SIDs that do represent User-Objects and that have a UID-Attribute in AD.