Web lists-archives.com

[Samba] member server idmap config (auto)rid

I've joined a samba 4.48 (debian stretch) to a Windows 2008R2 AD domain according to https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member

It joins OK but I cannot get idmap rid (or autorid) to work

   idmap config * : backend = autorid
   idmap config * : range = 1000000-1199999

Nothing is returned for getent "SAMDOM\user"

log.winbindd shows:

[2017/08/07 15:44:08.377559, 3] ../source3/winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send)
  getpwnam SAMDOM\user
[2017/08/07 15:45:12.561500, 5] ../source3/winbindd/winbindd.c:1139(remove_timed_out_clients)
  Client request timed out, shutting down sock 26, pid 639

(libnss_winbind is installed and nsswitcy.conf modified as per wiki)

If however I use

       idmap config * : backend = tdb
       idmap config * : range = 3000-7999

   idmap config SAMDOM : backend = rid
   idmap config SAMDOM : range = 1000000-1199999

Then getent "SAMDOM\user" works but the uid is taken from the * range, not SAMDOM.

What am I doing wrong?

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba