idmapping changes from 3.0.10 to 3.4.2.

> idmapping changes from  3.0.10 to 3.4.2.
>
> Trying to transition from 3.0.10 to 3.4.2 with a minimal change to the
> system
> meaning it would be nice to only change the smb.conf file if possible.
>
> The new version doesn't seem to properly work.  getent passwd only produces
> entries from /etc/passwd.  Sometimes, getent passwd user will get results
> but usually they don't.
>
> Also, when winbindd (ves 3.0.10) started it would have a heavy load for
> about
> 15 minutes while it loaded information.  This version (3.4.2) seems to have
> very little load so it seems to act differently or it is having a problem.
>
> Any suggestions on how to change the global section below quickly and
> easily
> to make this a transparent tranision?
>
> Below is the global section of our smb.conf for 3.0.10.
> Note: I changed the workgroup/realm for posting. I just want it to work
> like
> the previous system worked.
>
> [global]
>        workgroup = XX
>        realm = XX.YYY.ZZZ
>        security = ADS
>        encrypt passwords = yes
>        log level = 1
>        idmap uid = 2000-900000
>        idmap gid = 2000-900000
>        winbind enum users = yes
>        winbind enum groups = yes
>        template homedir = /u/%U
>        template shell = /bin/false
>        winbind use default domain = yes
>        winbind cache time = 1800
>        wins server = 143.231.3.194 143.231.40.66
>        client schannel = no
> #starting to add stuff to see how things are working
> #username map = /usr/local/samba/lib/users.map
> #guestaccount = NULL
> #load printers = yes
> log file = /usr/local/samba/var/log.%m
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

> You seem to be missing an idmap backend entry. If you are going to 3.4, you
> may want to look at hash, there is also RID. If you already have an extended
> schema, you may want to look at ads.
>
> Robert LeBlanc
> Life Sciences & Undergraduate Education Computer Support
> Brigham Young University
>
>
>   On Fri, Oct 30, 2009 at 4:37 PM, Wayne Rasmussen <waynemonarch@...
> > wrote:
>
>>  idmapping changes from  3.0.10 to 3.4.2.
>>
>> Trying to transition from 3.0.10 to 3.4.2 with a minimal change to the
>> system
>> meaning it would be nice to only change the smb.conf file if possible.
>>
>> The new version doesn't seem to properly work.  getent passwd only
>> produces
>> entries from /etc/passwd.  Sometimes, getent passwd user will get results
>> but usually they don't.
>>
>> Also, when winbindd (ves 3.0.10) started it would have a heavy load for
>> about
>> 15 minutes while it loaded information.  This version (3.4.2) seems to
>> have
>> very little load so it seems to act differently or it is having a problem.
>>
>> Any suggestions on how to change the global section below quickly and
>> easily
>> to make this a transparent tranision?
>>
>> Below is the global section of our smb.conf for 3.0.10.
>> Note: I changed the workgroup/realm for posting. I just want it to work
>> like
>> the previous system worked.
>>
>> [global]
>>        workgroup = XX
>>        realm = XX.YYY.ZZZ
>>        security = ADS
>>        encrypt passwords = yes
>>        log level = 1
>>        idmap uid = 2000-900000
>>        idmap gid = 2000-900000
>>        winbind enum users = yes
>>        winbind enum groups = yes
>>        template homedir = /u/%U
>>        template shell = /bin/false
>>        winbind use default domain = yes
>>        winbind cache time = 1800
>>        wins server = 143.231.3.194 143.231.40.66
>>        client schannel = no
>> #starting to add stuff to see how things are working
>> #username map = /usr/local/samba/lib/users.map
>> #guestaccount = NULL
>> #load printers = yes
>> log file = /usr/local/samba/var/log.%m
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>

> Backendwise, it has to be local, we don't have any write permission to AD
> or
> LDAP.
>
> If I do: wbinfo -n knixon, I get the ssid back.  Taking it to the next
> level
> with:
> wbinfo -S `wbinfo -n knixon`  gets me:
> Could not convert sid S-1-5-21-1606980848-1644491937-839522115-152478 to
> uid
> So it looks like we are getting what we need from AD and that I just have
> some kind of issue with the smb.conf configuration.
>
>
>

> On Behalf Of Wayne Rasmussen
> Sent: Friday, October 30, 2009 4:37 PM
> To: samba@...
> Subject: [Samba] idmapping changes from 3.0.10 to 3.4.2.
>
> idmapping changes from  3.0.10 to 3.4.2.
>
> Trying to transition from 3.0.10 to 3.4.2 with a minimal change to the
> system
> meaning it would be nice to only change the smb.conf file if possible.
>
> The new version doesn't seem to properly work.  getent passwd only

> the previous system worked.
>
> [global]
>         workgroup = XX
>         realm = XX.YYY.ZZZ
>         security = ADS
>         encrypt passwords = yes
>         log level = 1
>         idmap uid = 2000-900000
>         idmap gid = 2000-900000
>         winbind enum users = yes
>         winbind enum groups = yes
>         template homedir = /u/%U
>         template shell = /bin/false
>         winbind use default domain = yes
>         winbind cache time = 1800
>         wins server = 143.231.3.194 143.231.40.66
>         client schannel = no
> #starting to add stuff to see how things are working
> #username map = /usr/local/samba/lib/users.map
> #guestaccount = NULL
> #load printers = yes
> log file = /usr/local/samba/var/log.%m
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba