Bug 156810 - samba: --with-shared-modules=idmap_ad
samba: --with-shared-modules=idmap_ad
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: samba (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Simo Sorce
David Lawrence
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-05-04 09:40 EDT by Rex Dieter
Modified: 2010-10-21 22:57 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-14 15:45:41 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Rex Dieter 2005-05-04 09:40:45 EDT
Please include/use the configure option: --with-shared-modules=idmap_rid to
allow greater winbind functionality, via the idmap backend smb.conf parameter:

       idmap backend (G)
              The purpose of the idmap backend parameter is to allow idmap  to
              NOT use the local idmap tdb file to obtain SID to UID / GID map-
              pings, but instead to obtain them from a  common  LDAP  backend.
              ...

Allowing something like:
 idmap backend = idmap_rid:DOMNAME=1000-100000000
Comment 1 Rex Dieter 2005-08-05 12:13:59 EDT
Ping... can we *please* get this support enabled (in fc5 at least?)
Comment 2 Rex Dieter 2005-10-04 09:50:13 EDT
While you're at it, you can ad idmap_ad as well, using
--with-shared-modules=idmap_ad,idmap_rid

and adding to 
%files common
...
%{_libdir}/samba/idmap

This idmap support is essential for most folks trying to integrate with Active
Directory.
Comment 3 Edward Rudd 2005-12-16 14:36:00 EST
Yes can we PLEASE have this enabled.. I though these were enabled at one point..
This is very useful in getting winbind to work across multiple systems.  (which
right now it doesn't work at ALL on fedora for me).
Comment 4 Rex Dieter 2005-12-22 14:02:00 EST
Looks like these have been enabled in the latest development samba build:

* Mon Nov 13 2005 Jay Fenlason <fenlason@redhat.com> 3.0.20b-2
...
- Include  --with-shared-modules=idmap_ad,idmap_rid to close
  bz#156810 --with-shared-modules=idmap_ad,idmap_rid
...

Any chance of getting these added to RHEL4's samba?
Comment 5 James Ralston 2006-03-15 19:44:21 EST
I was just bitten by this--I spent 30 minutes trying to figure out why smbd
couldn't load the idmap_rid backend before I realized that it simply wasn't
*there*.  :(

Since we have a support contract with Red Hat, I've opened Service Request
842336 and requested that the next updates for RHEL3 and RHEL4 include samba
packages that have been compiled with the --with-shared-modules=idmap_rid
configure option.  (The --with-shared-modules=idmap_ad option doesn't seem to
exist in 3.0.10.)
Comment 6 Shannon Johnson 2006-03-20 08:57:27 EST
The idmap_ad option was added in Samba 3.0.20, along with a complete re-write of
winbind, so it would be awfully nice to include that... I have RHEL4, but not a
support contract, and I desperately need the idmap_ad option.
Comment 7 Andrej Todosic 2006-07-06 14:38:21 EDT
Three and a half months, RHEL == 3.0.10, FC4 == 3.0.14a.
Any sign of the fabled 3.0.20 ?
Comment 8 Danny Wall 2006-07-17 13:30:14 EDT
This is a feature I desperately need too. It eliminates the need to have 
another ldap store, thus reducing complexity. The feature has been available 
since November 2004, and Novell/SuSe has supported it for quite some time. I 
already pay AS support for these six servers, plus GFS and clustering. I would 
hate to go beyond the support agreement, just to enable this feature, but we 
need it. I hope to see it in the next update of RHEL 4 (SOON). Thanks
Comment 9 Tarun Reddy 2006-08-28 20:27:12 EDT
FWIW, I easily recompiled the SRPM from Fedora Core 4 on my RHEL4 system.
Afterwards, I was easily able to apply idmap_rid for my server.

The SRPM can be downloaded here
http://mirrors.kernel.org/fedora/core/updates/4/SRPMS/samba-3.0.23a-1.fc4.1.src.rpm


simply rpmbuild --rebuild samba-3.0.23a-1.fc4.1.src.rpm
Comment 10 Edward Rudd 2006-08-28 22:56:33 EDT
RHEL4's samba-3.0.10-1.4E.9 contains the idmap_rid idmap library (part of RHEL4 U4)

it does not, however contain the idmap_ad library.

So if you have a fully updated RHEL4 system you had rid, but not ad. (though I
can't find any docs on how the idmap_ad one works, so for now rid works fine)
Comment 11 Rex Dieter 2006-11-22 09:00:21 EST
updating subject to match reality (that idmap_rid is already included).  

afaik, idmap_ad isn't/wasn't included, most likely, because idmap_ad is only
available in relatively recent samba releases (ie, in 3.0.20+ ?), so this RFE
also implicitly includes a samba version upgrade as well.
Comment 12 Rex Dieter 2007-04-17 09:15:29 EDT
Sigh, 2+ years, I don't care anymore... 
Someone else can open a bug if they still want this.

I just tried to close this bug, resolved->notabug, but bugzilla gave the error:
You tried to change the Status field from NEW to CLOSED, but only the owner or
submitter of the bug, or a autorized user, may change that field.

Someone with sufficient bugzilla mojo, please close this.
Comment 14 Simo Sorce 2007-11-28 08:58:35 EST
This bug was automatically closed but idmap_ad is now available in the latest
updates.

Note You need to log in before you can comment on or make changes to this bug.