Red Hat Bugzilla – Bug 156810
Last modified: 2010-10-21 22:57:42 EDT
Please include/use the configure option: --with-shared-modules=idmap_rid to
allow greater winbind functionality, via the idmap backend smb.conf parameter:
idmap backend (G)
The purpose of the idmap backend parameter is to allow idmap to
NOT use the local idmap tdb file to obtain SID to UID / GID map-
pings, but instead to obtain them from a common LDAP backend.
Allowing something like:
idmap backend = idmap_rid:DOMNAME=1000-100000000
Ping... can we *please* get this support enabled (in fc5 at least?)
While you're at it, you can ad idmap_ad as well, using
and adding to
This idmap support is essential for most folks trying to integrate with Active
Yes can we PLEASE have this enabled.. I though these were enabled at one point..
This is very useful in getting winbind to work across multiple systems. (which
right now it doesn't work at ALL on fedora for me).
Looks like these have been enabled in the latest development samba build:
* Mon Nov 13 2005 Jay Fenlason <firstname.lastname@example.org> 3.0.20b-2
- Include --with-shared-modules=idmap_ad,idmap_rid to close
Any chance of getting these added to RHEL4's samba?
I was just bitten by this--I spent 30 minutes trying to figure out why smbd
couldn't load the idmap_rid backend before I realized that it simply wasn't
Since we have a support contract with Red Hat, I've opened Service Request
842336 and requested that the next updates for RHEL3 and RHEL4 include samba
packages that have been compiled with the --with-shared-modules=idmap_rid
configure option. (The --with-shared-modules=idmap_ad option doesn't seem to
exist in 3.0.10.)
The idmap_ad option was added in Samba 3.0.20, along with a complete re-write of
winbind, so it would be awfully nice to include that... I have RHEL4, but not a
support contract, and I desperately need the idmap_ad option.
Three and a half months, RHEL == 3.0.10, FC4 == 3.0.14a.
Any sign of the fabled 3.0.20 ?
This is a feature I desperately need too. It eliminates the need to have
another ldap store, thus reducing complexity. The feature has been available
since November 2004, and Novell/SuSe has supported it for quite some time. I
already pay AS support for these six servers, plus GFS and clustering. I would
hate to go beyond the support agreement, just to enable this feature, but we
need it. I hope to see it in the next update of RHEL 4 (SOON). Thanks
FWIW, I easily recompiled the SRPM from Fedora Core 4 on my RHEL4 system.
Afterwards, I was easily able to apply idmap_rid for my server.
The SRPM can be downloaded here
simply rpmbuild --rebuild samba-3.0.23a-1.fc4.1.src.rpm
RHEL4's samba-3.0.10-1.4E.9 contains the idmap_rid idmap library (part of RHEL4 U4)
it does not, however contain the idmap_ad library.
So if you have a fully updated RHEL4 system you had rid, but not ad. (though I
can't find any docs on how the idmap_ad one works, so for now rid works fine)
updating subject to match reality (that idmap_rid is already included).
afaik, idmap_ad isn't/wasn't included, most likely, because idmap_ad is only
available in relatively recent samba releases (ie, in 3.0.20+ ?), so this RFE
also implicitly includes a samba version upgrade as well.
Sigh, 2+ years, I don't care anymore...
Someone else can open a bug if they still want this.
I just tried to close this bug, resolved->notabug, but bugzilla gave the error:
You tried to change the Status field from NEW to CLOSED, but only the owner or
submitter of the bug, or a autorized user, may change that field.
Someone with sufficient bugzilla mojo, please close this.
This bug was automatically closed but idmap_ad is now available in the latest