Bug 862195 - authconfig needs to be updated to reflect the samba idmap changes since Samba 3.6
Summary: authconfig needs to be updated to reflect the samba idmap changes since Samba...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: authconfig
Version: 6.4
Hardware: Unspecified
OS: Unspecified
medium
high
Target Milestone: rc
: ---
Assignee: Tomas Mraz
QA Contact: Iveta Wiedermann
URL:
Whiteboard:
Depends On:
Blocks: 801095
TreeView+ depends on / blocked
 
Reported: 2012-10-02 09:11 UTC by Tomas Mraz
Modified: 2013-02-21 11:02 UTC (History)
4 users (show)

Fixed In Version: authconfig-6.1.12-11.el6
Doc Type: Bug Fix
Doc Text:
Cause: The new samba-3.6 release changed the way the idmap range for mapping users from the windows active directory to the system uids and gids. Consequence: Authconfig was no longer properly configuring the idmap range in smb.conf when --smbidmapuid and --smbidmapgid options were used. Fix: Authconfig was improved to properly use the new syntax of the idmap range configuration that is supported in samba 3.6. Result: The idmap range is properly configured if authconfig is used.
Clone Of: 850824
Environment:
Last Closed: 2013-02-21 11:02:28 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2013:0486 normal SHIPPED_LIVE authconfig bug fix update 2013-02-20 21:06:28 UTC

Description Tomas Mraz 2012-10-02 09:11:16 UTC
+++ This bug was initially created as a clone of Bug #850824 +++

Description of problem:

In Samba 3.6 the id mapping configuration has been changed and simplified. See the release notes:

https://www.samba.org/samba/history/samba-3.6.0.html

and the smb.conf and idmap manpages.

Example:
        workgroup = LEVEL1
        realm = LEVEL1.DISCWORLD.SITE
        security = ads

        # v3.6 common id range
        passdb backend = tdbsam
        idmap config * : range = 1000000-1999999

        # Winbind domain idmap
        idmap config LEVEL1 : backend = rid
        idmap config LEVEL1 : range = 100000000-199999999

--- Additional comment from asn@redhat.com on 2012-08-22 15:38:57 CEST ---

The same applies to RHEL 6.4, RHEL 7.0 and Fedora. Should I open a bug for each or will you just clone this bug?

--- Additional comment from tmraz@redhat.com on 2012-08-27 16:55:35 CEST ---

Is the new samba completely backwards incompatible with the old settings?

--- Additional comment from asn@redhat.com on 2012-08-27 17:25:27 CEST ---

No, the old idmap settings will not work anymore. You NEED to change them!

Comment 6 errata-xmlrpc 2013-02-21 11:02:28 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0486.html


Note You need to log in before you can comment on or make changes to this bug.