Hello, I have upgrade my samba PDC from 3.xx (lenny) to 4.1 (jessie).
ldap and samba shares work all fine.
When I try to add a user I get the following
smbpasswd -a foobar
New SMB password:
Retype new SMB password:
ldapsam_create_user: Unable to allocate a new user id: bailing out!
Failed to add entry for user foobar.
I found this workaround
https://lists.samba.org/archive/samba/2009-October/151528.html
but testparam say that
WARNING: The "idmap backend" option is deprecated
Unknown parameter encountered: "idmap alloc backend"
Ignoring unknown parameter "idmap alloc backend"
smbd -V
Version 4.1.17-Debian
egrep -v "(^#|^$|^;)" /etc/samba/smb.conf
[global]
workgroup = foo
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
os level = 255
preferred master = yes
domain master = yes
local master = yes
vfs object = recycle
recycle:repository = /home/samba/Papierkorb/%U
recycle:keeptree = yes
recycle:exclude = *.tmp *.temp *.swp
recycle:exclude_dir = /tmp /temp
recycle:touch = yes
server role = classic primary domain controller
encrypt passwords = true
passdb backend = ldapsam:ldapi:///
ldapsam:trusted=yes
ldapsam:editposix=yes
ldap admin dn = cn=admin,dc=foo
ldap group suffix = ou=Groups
ldap machine suffix = ou=Machines
ldap user suffix = ou=Users
ldap suffix = dc=foo
ldap ssl = off
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
domain logons = yes
logon path =
logon script = login.bat
admin users = root, Administrator, @Domain Admins, admin
;idmap uid = 10000-20000
;idmap gid = 10000-20000
;template shell = /bin/bash
idmap alloc config:ldap_base_dn = ou=idmap,dc=foo
idmap alloc config:ldap_user_dn = cn=admin,dc=foo
idmap alloc config:ldap_url = ldapi:///
usershare allow guests = yes
[homes]
comment = Home Directories
browseable = no
read only = yes
create mask = 0700
directory mask = 0700
valid users = %S
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = yes
read only = yes
[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
guest ok = no
read only = yes
create mask = 0700
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
I want to use a samba NT4 domain and no AD.
Thanks for any help.
Best Regards, Basti