Samba idmap ldap: works perfect on Linux,bad on Solaris and hpux
I have configured samba for working
with and external ldap(ad windows2003+openldap backend to obtain the same uid and gid on all linux machines)
On linux works perfect,and i get the same uid for a X user
on all machines.
On solaris11 and hpux 11.31 not
wbinfo -u works fine
wbinfo -g works fine
wbinfo -i user give WBC_ERR_DOMAIN_NOT_FOUND
This is my samba configuration
of course idmap password of Manager is stored.
I try also the old config style(deprecated on samba 3.6)
but doesn't work.
Is possible to fix this problem?
Thanks
Last edited by Franklin52; 12-04-2013 at 03:06 AM..
Reason: Please use code tags
Hi folks,
Our application installation uses "sed" command to append string after specific line or after line number.
Both cases work perfect on Linux but fail on Solaris.
The OS versions are Solaris 9 and Linux Red Hat AS 3.
i.g:
Linux:
-----
file foo.txt
aaa
bbb
ccc
ddd
root#... (4 Replies)
I'm in the same boat as Barbus - same exercis (https://www.unix.com/shell-programming-scripting/43609-processes-users.html)
The following script works on a solaris server I have access to. It doesn't however, work on the companies Linux machine. Any idea what's up? I have very little shell... (0 Replies)
I'm in the same boat as Barbus - same exercis (https://www.unix.com/shell-programming-scripting/43609-processes-users.html)
The following script works on a solaris server I have access to. It doesn't however, work on the companies Linux machine. Any idea what's up? I have very little shell... (1 Reply)
Hello,
I found this command works on Linux:
$ echo `uptime` | awk -F "load average: " '{ print $2 }'
1.60, 1.53, 1.46
but got error on Solaris:
$ echo `uptime` | awk -F "load average: " '{ print $2 }'
awk: syntax error near line 1
awk: bailing out near line 1
$ which awk... (2 Replies)
Hi I have the following script which works in Linux shell but gives issues with Sun OS Solaris 5.10,
What i am trying to achieve here is we have a list of file names in list.txt file and we parse each file at a time for a particular pattern and copt next 4 lines after we hit the pattern to a... (6 Replies)
Hi,
On linux i have the below command working fine.
grep -o '<name>.*</name>' deploy.tmp | sed 's/\(<name>\|<\/name>\)//g' deploy.tmp
But the same is failing on Solaris
uname -a
SunOS mymac 5.10 Generic_150400-23 sun4v sparc sun4v
Can you tell me how can i get it work on Solaris ?... (6 Replies)
On linux i have the below command working fine.
awk '/<app-deploy>/{A=1;++i} /<\/app-deploy>/{print >> "found"i".tmp";A=0} A{;print >> "found"i".tmp"}' deploy.xml
But the same is failing on Solaris
Output:
awk: syntax error near line 1
awk: bailing out near line 1
uname -a SunOS mymac 5.10... (5 Replies)
Hi,
On Linux i get the desired ouput:
echo "<value>WEB_USER</value>" | sed 's/\(<value>\|<\/value>\)//g'Output:
Executing the same command on Solaris:
echo "<value>WEB_USER</value>" | sed 's/\(<value>\|<\/value>\)//g'Output:
I need to get the desired output on Solaris i.e. WEB_USER and... (4 Replies)
Hi,
I am looking for a generic find command that works on both Linux and Solaris.
I have the below command that works fine on Linux but fails on solaris.find /web/config -type f '(' -name '*.txt' -or -name '*.xml' -name '*.pro' ')' Fails on SunOS mysolaris 5.10 Generic_150400-61 sun4v sparc... (1 Reply)
HI Guys,
I have file A.txt
Code:
ID,L1,L2,L3,L4
1A,2a,33a,44b,55c
2A,10a,14a,15b,16c
File B.txt
Code:
ID
L1
L4
L5
Output:-
Code: (3 Replies)
Discussion started by: huuanh2811
3 Replies
LEARN ABOUT CENTOS
idmap_ldap
IDMAP_LDAP(8) System Administration tools IDMAP_LDAP(8)NAME
idmap_ldap - Samba's idmap_ldap Backend for Winbind
DESCRIPTION
The idmap_ldap plugin provides a means for Winbind to store and retrieve SID/uid/gid mapping tables in an LDAP directory service.
In contrast to read only backends like idmap_rid, it is an allocating backend: This means that it needs to allocate new user and group IDs
in order to create new mappings.
IDMAP OPTIONS
ldap_base_dn = DN
Defines the directory base suffix to use for SID/uid/gid mapping entries. If not defined, idmap_ldap will default to using the "ldap
idmap suffix" option from smb.conf.
ldap_user_dn = DN
Defines the user DN to be used for authentication. The secret for authenticating this user should be stored with net idmap secret (see
net(8)). If absent, the ldap credentials from the ldap passdb configuration are used, and if these are also absent, an anonymous bind
will be performed as last fallback.
ldap_url = ldap://server/
Specifies the LDAP server to use for SID/uid/gid map entries. If not defined, idmap_ldap will assume that ldap://localhost/ should be
used.
range = low - high
Defines the available matching uid and gid range for which the backend is authoritative.
EXAMPLES
The following example shows how an ldap directory is used as the default idmap backend. It also configures the idmap range and base
directory suffix. The secret for the ldap_user_dn has to be set with "net idmap secret '*' password".
[global]
idmap config * : backend = ldap
idmap config * : range = 1000000-1999999
idmap config * : ldap_url = ldap://localhost/
idmap config * : ldap_base_dn = ou=idmap,dc=example,dc=com
idmap config * : ldap_user_dn = cn=idmap_admin,dc=example,dc=com
This example shows how ldap can be used as a readonly backend while tdb is the default backend used to store the mappings. It adds an
explicit configuration for some domain DOM1, that uses the ldap idmap backend. Note that a range disjoint from the default range is used.
[global]
# "backend = tdb" is redundant here since it is the default
idmap config * : backend = tdb
idmap config * : range = 1000000-1999999
idmap config DOM1 : backend = ldap
idmap config DOM1 : range = 2000000-2999999
idmap config DOM1 : read only = yes
idmap config DOM1 : ldap_url = ldap://server/
idmap config DOM1 : ldap_base_dn = ou=idmap,dc=dom1,dc=example,dc=com
idmap config DOM1 : ldap_user_dn = cn=idmap_admin,dc=dom1,dc=example,dc=com
NOTE
In order to use authentication against ldap servers you may need to provide a DN and a password. To avoid exposing the password in plain
text in the configuration file we store it into a security store. The "net idmap " command is used to store a secret for the DN specified
in a specific idmap domain.
AUTHOR
The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open
Source project similar to the way the Linux kernel is developed.
Samba 4.0 06/17/2014 IDMAP_LDAP(8)