When built with winbind support and setting up smb.conf and an LDAP directory based on the SambaWiki article "Ldapsam Editposix" (http://wiki.samba.org/index.php/Ldapsam_Editposix) while respecting the changes made to the idmap configuration options as of 3.3 (http://us1.samba.org/samba/history/samba-3.3.0.html), provisioning the LDAP backend using "net sam provision" fails, and the log.winbindd-idmap log file describes the error with: [<date> <time>, 3] lib/module.c:do_smb_load_module(48) Error loading module '/usr/lib/samba/samba/idmap/ldap.so': /usr/lib/samba/samba/idmap/ldap.so: cannot open shared object file: No such file or directory [<date> <time>, 1] winbindd/idmap.c:idmap_alloc_init(578) could not find idmap alloc module ldap This behaviour is produced in 3.3.0 and 3.3.1, and the same LDAP server was used and originally provisioned with Samba 3.2.8 without problems. The relevant portions of smb.conf are below. [global] workgroup = MYDOMAIN security = user domain logons = yes domain master = yes preferred master = yes enable privileges = yes passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=Manager,dc=mydomain,dc=com ldap suffix = dc=mydomain,dc=com ldap ssl = no ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap machine suffix = ou=Computers ldap idmap suffix = ou=Idmap ldap passwd sync = yes ldap delete dn = yes ldapsam:trusted = yes ldapsam:editposix = yes idmap backend = ldap idmap uid = 10000-19999 idmap gid = 10000-19999 idmap config MYDOMAIN : backend = ldap idmap config MYDOMAIN : readonly = no idmap config MYDOMAIN : ldap_base_dn = dc=Idmap,dc=mydomain,dc=com idmap config MYDOMAIN : ldap_user_dn = cn=Manager,dc=mydomain,dc=com idmap config MYDOMAIN : ldap_url = ldap://127.0.0.1/ idmap alloc backend = ldap idmap alloc config : ldap_base_dn = dc=Idmap,dc=mydomain,dc=com idmap alloc config : ldap_user_dn = cn=Manager,dc=mydomain,dc=com idmap alloc config : ldap_url = ldap://127.0.0.1/
Can you post the output of: smbd -b ?
Created attachment 3957 [details] Output of smbd -b This is the output of 'smbd -b' (the build options) from the Arch Linux package samba-3.3.1-1, which has the same bug and is known to be built with the idmap_ldap module.
Strange, the builtin modules list shows imdap_ldap as compiled in. Winbindd shouldn't try to open an external shared object for it ...
It looks like smb_register_idmap_alloc and smb_register_idmap (in winbindd/idmap.c) aren't being called when they should be, so the alloc_backends list is empty when get_alloc_methods is called from line 567 of winbindd/idmap.c. This in turn makes idmap_alloc_ctx->methods NULL at 567, so at 570 it calls smb_probe_module, which is why it ends up looking for a shared library.
*** This bug has been marked as a duplicate of bug 6286 ***