Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Samba idmap ldap: works perfect on Linux,bad on Solaris and hpux
Operating Systems Solaris Samba idmap ldap: works perfect on Linux,bad on Solaris and hpux Post 302877795 by Linusolaradm1 on Tuesday 3rd of December 2013 11:21:39 AM
Old 12-03-2013
Samba idmap ldap: works perfect on Linux,bad on Solaris and hpux
I have configured samba for working
with and external ldap(ad windows2003+openldap backend to obtain the same uid and gid on all linux machines)
On linux works perfect,and i get the same uid for a X user
on all machines.
On solaris11 and hpux 11.31 not
wbinfo -u works fine
wbinfo -g works fine
wbinfo -i user give WBC_ERR_DOMAIN_NOT_FOUND

This is my samba configuration
Code:
    idmap config * : backend      = ldap
    idmap config * : range        = 10000-20000
    idmap config * : ldap_url     = ldap://server.domain 
    idmap config * : ldap_base_dn = ou=idmap,dc=ldap1,dc=domain,dc=test
    idmap config * : ldap_user_dn = cn=Manager,dc=ldap1,dc=domain,dc=test

of course idmap password of Manager is stored.
I try also the old config style(deprecated on samba 3.6)
but doesn't work.
Is possible to fix this problem?
Thanks
Last edited by Franklin52; 12-04-2013 at 03:06 AM.. Reason: Please use code tags
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Appending line with sed works on Linux but not on Solaris

Hi folks, Our application installation uses "sed" command to append string after specific line or after line number. Both cases work perfect on Linux but fail on Solaris. The OS versions are Solaris 9 and Linux Red Hat AS 3. i.g: Linux: ----- file foo.txt aaa bbb ccc ddd root#... (4 Replies)
Discussion started by: nir_s
4 Replies

2. Shell Programming and Scripting

Script works on Solaris, not on Linux

I'm in the same boat as Barbus - same exercis (https://www.unix.com/shell-programming-scripting/43609-processes-users.html) The following script works on a solaris server I have access to. It doesn't however, work on the companies Linux machine. Any idea what's up? I have very little shell... (0 Replies)
Discussion started by: Silverhood
0 Replies

3. Shell Programming and Scripting

Script works on Solaris, not on Linux

I'm in the same boat as Barbus - same exercis (https://www.unix.com/shell-programming-scripting/43609-processes-users.html) The following script works on a solaris server I have access to. It doesn't however, work on the companies Linux machine. Any idea what's up? I have very little shell... (1 Reply)
Discussion started by: Silverhood
1 Replies

4. Shell Programming and Scripting

awk -F works on Linux, but not on Solaris

Hello, I found this command works on Linux: $ echo `uptime` | awk -F "load average: " '{ print $2 }' 1.60, 1.53, 1.46 but got error on Solaris: $ echo `uptime` | awk -F "load average: " '{ print $2 }' awk: syntax error near line 1 awk: bailing out near line 1 $ which awk... (2 Replies)
Discussion started by: seafan
2 Replies

5. Shell Programming and Scripting

Script works with Linux not with Solaris

Hi I have the following script which works in Linux shell but gives issues with Sun OS Solaris 5.10, What i am trying to achieve here is we have a list of file names in list.txt file and we parse each file at a time for a particular pattern and copt next 4 lines after we hit the pattern to a... (6 Replies)
Discussion started by: Yugendra
6 Replies

6. Shell Programming and Scripting

Grep works on Linux but fails on Solaris

Hi, On linux i have the below command working fine. grep -o '<name>.*</name>' deploy.tmp | sed 's/\(<name>\|<\/name>\)//g' deploy.tmp But the same is failing on Solaris uname -a SunOS mymac 5.10 Generic_150400-23 sun4v sparc sun4v Can you tell me how can i get it work on Solaris ?... (6 Replies)
Discussion started by: mohtashims
6 Replies

7. Shell Programming and Scripting

awk works on Linux but fails on Solaris

On linux i have the below command working fine. awk '/<app-deploy>/{A=1;++i} /<\/app-deploy>/{print >> "found"i".tmp";A=0} A{;print >> "found"i".tmp"}' deploy.xml But the same is failing on Solaris Output: awk: syntax error near line 1 awk: bailing out near line 1 uname -a SunOS mymac 5.10... (5 Replies)
Discussion started by: mohtashims
5 Replies

8. Shell Programming and Scripting

sed works on Linux but fails on Solaris

Hi, On Linux i get the desired ouput: echo "<value>WEB_USER</value>" | sed 's/\(<value>\|<\/value>\)//g'Output: Executing the same command on Solaris: echo "<value>WEB_USER</value>" | sed 's/\(<value>\|<\/value>\)//g'Output: I need to get the desired output on Solaris i.e. WEB_USER and... (4 Replies)
Discussion started by: mohtashims
4 Replies

9. Shell Programming and Scripting

Find command works on Linux but fails on Solaris.

Hi, I am looking for a generic find command that works on both Linux and Solaris. I have the below command that works fine on Linux but fails on solaris.find /web/config -type f '(' -name '*.txt' -or -name '*.xml' -name '*.pro' ')' Fails on SunOS mysolaris 5.10 Generic_150400-61 sun4v sparc... (1 Reply)
Discussion started by: mohtashims
1 Replies

10. Shell Programming and Scripting

Solution which is works perfect if all headers match from file b

HI Guys, I have file A.txt Code: ID,L1,L2,L3,L4 1A,2a,33a,44b,55c 2A,10a,14a,15b,16c File B.txt Code: ID L1 L4 L5 Output:- Code: (3 Replies)
Discussion started by: huuanh2811
3 Replies

LEARN ABOUT OPENSOLARIS

idmap_ldap

IDMAP_LDAP(8)                                               System Administration tools                                              IDMAP_LDAP(8)

NAME

       idmap_ldap - Samba's idmap_ldap Backend for Winbind

DESCRIPTION

       The idmap_ldap plugin provides a means for Winbind to store and retrieve SID/uid/gid mapping tables in an LDAP directory service.

       In contrast to read only backends like idmap_rid, it is an allocating backend: This means that it needs to allocate new user and group IDs
       in order to create new mappings. The allocator can be provided by the idmap_ldap backend itself or by any other allocating backend like
       idmap_tdb or idmap_tdb2. This is configured with the parameter idmap alloc backend.

       Note that in order for this (or any other allocating) backend to function at all, the default backend needs to be writeable. The ranges
       used for uid and gid allocation are the default ranges configured by "idmap uid" and "idmap gid".

       Furthermore, since there is only one global allocating backend responsible for all domains using writeable idmap backends, any explicitly
       configured domain with idmap backend ldap should have the same range as the default range, since it needs to use the global uid / gid
       allocator. See the example below.

IDMAP OPTIONS

       ldap_base_dn = DN
           Defines the directory base suffix to use when searching for SID/uid/gid mapping entries. If not defined, idmap_ldap will default to
           using the "ldap idmap suffix" option from smb.conf.

       ldap_user_dn = DN
           Defines the user DN to be used for authentication. If absent an anonymous bind will be performed.

       ldap_url = ldap://server/
           Specifies the LDAP server to use when searching for existing SID/uid/gid map entries. If not defined, idmap_ldap will assume that
           ldap://localhost/ should be used.

       range = low - high
           Defines the available matching uid and gid range for which the backend is authoritative. If the parameter is absent, Winbind fails over
           to use the "idmap uid" and "idmap gid" options from smb.conf.

IDMAP ALLOC OPTIONS

       ldap_base_dn = DN
           Defines the directory base suffix under which new SID/uid/gid mapping entries should be stored. If not defined, idmap_ldap will default
           to using the "ldap idmap suffix" option from smb.conf.

       ldap_user_dn = DN
           Defines the user DN to be used for authentication. If absent an anonymous bind will be performed.

       ldap_url = ldap://server/
           Specifies the LDAP server to which modify/add/delete requests should be sent. If not defined, idmap_ldap will assume that
           ldap://localhost/ should be used.

EXAMPLES

       The follow sets of a LDAP configuration which uses two LDAP directories, one for storing the ID mappings and one for retrieving new IDs.

                [global]
                idmap backend = ldap:ldap://localhost/
                idmap uid = 1000000-1999999
                idmap gid = 1000000-1999999

                idmap alloc backend = ldap
                idmap alloc config : ldap_url = ldap://id-master/
                idmap alloc config : ldap_base_dn = ou=idmap,dc=example,dc=com

NOTE

       In order to use authentication against ldap servers you may need to provide a DN and a password. To avoid exposing the password in plain
       text in the configuration file we store it into a security store. The "net idmap " command is used to store a secret for the DN specified
       in a specific idmap domain.

AUTHOR

       The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open
       Source project similar to the way the Linux kernel is developed.

Samba 3.5                                                           06/18/2010                                                       IDMAP_LDAP(8)
All times are GMT -4. The time now is 05:58 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy