Bug 156810
| Summary: | samba: --with-shared-modules=idmap_ad | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 4 | Reporter: | Rex Dieter <rdieter> |
| Component: | samba | Assignee: | Simo Sorce <ssorce> |
| Status: | CLOSED NOTABUG | QA Contact: | David Lawrence <dkl> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4.0 | CC: | danny.wall, it, me, ralston, samba-bugs-list, sjohnson, urkle |
| Target Milestone: | --- | Keywords: | FutureFeature |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Enhancement | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2007-05-14 19:45:41 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Ping... can we *please* get this support enabled (in fc5 at least?) While you're at it, you can ad idmap_ad as well, using
--with-shared-modules=idmap_ad,idmap_rid
and adding to
%files common
...
%{_libdir}/samba/idmap
This idmap support is essential for most folks trying to integrate with Active
Directory.
Yes can we PLEASE have this enabled.. I though these were enabled at one point.. This is very useful in getting winbind to work across multiple systems. (which right now it doesn't work at ALL on fedora for me). Looks like these have been enabled in the latest development samba build: * Mon Nov 13 2005 Jay Fenlason <fenlason> 3.0.20b-2 ... - Include --with-shared-modules=idmap_ad,idmap_rid to close bz#156810 --with-shared-modules=idmap_ad,idmap_rid ... Any chance of getting these added to RHEL4's samba? I was just bitten by this--I spent 30 minutes trying to figure out why smbd couldn't load the idmap_rid backend before I realized that it simply wasn't *there*. :( Since we have a support contract with Red Hat, I've opened Service Request 842336 and requested that the next updates for RHEL3 and RHEL4 include samba packages that have been compiled with the --with-shared-modules=idmap_rid configure option. (The --with-shared-modules=idmap_ad option doesn't seem to exist in 3.0.10.) The idmap_ad option was added in Samba 3.0.20, along with a complete re-write of winbind, so it would be awfully nice to include that... I have RHEL4, but not a support contract, and I desperately need the idmap_ad option. Three and a half months, RHEL == 3.0.10, FC4 == 3.0.14a. Any sign of the fabled 3.0.20 ? This is a feature I desperately need too. It eliminates the need to have another ldap store, thus reducing complexity. The feature has been available since November 2004, and Novell/SuSe has supported it for quite some time. I already pay AS support for these six servers, plus GFS and clustering. I would hate to go beyond the support agreement, just to enable this feature, but we need it. I hope to see it in the next update of RHEL 4 (SOON). Thanks FWIW, I easily recompiled the SRPM from Fedora Core 4 on my RHEL4 system. Afterwards, I was easily able to apply idmap_rid for my server. The SRPM can be downloaded here http://mirrors.kernel.org/fedora/core/updates/4/SRPMS/samba-3.0.23a-1.fc4.1.src.rpm simply rpmbuild --rebuild samba-3.0.23a-1.fc4.1.src.rpm RHEL4's samba-3.0.10-1.4E.9 contains the idmap_rid idmap library (part of RHEL4 U4) it does not, however contain the idmap_ad library. So if you have a fully updated RHEL4 system you had rid, but not ad. (though I can't find any docs on how the idmap_ad one works, so for now rid works fine) updating subject to match reality (that idmap_rid is already included). afaik, idmap_ad isn't/wasn't included, most likely, because idmap_ad is only available in relatively recent samba releases (ie, in 3.0.20+ ?), so this RFE also implicitly includes a samba version upgrade as well. Sigh, 2+ years, I don't care anymore... Someone else can open a bug if they still want this. I just tried to close this bug, resolved->notabug, but bugzilla gave the error: You tried to change the Status field from NEW to CLOSED, but only the owner or submitter of the bug, or a autorized user, may change that field. Someone with sufficient bugzilla mojo, please close this. This bug was automatically closed but idmap_ad is now available in the latest updates. |
Please include/use the configure option: --with-shared-modules=idmap_rid to allow greater winbind functionality, via the idmap backend smb.conf parameter: idmap backend (G) The purpose of the idmap backend parameter is to allow idmap to NOT use the local idmap tdb file to obtain SID to UID / GID map- pings, but instead to obtain them from a common LDAP backend. ... Allowing something like: idmap backend = idmap_rid:DOMNAME=1000-100000000