[Samba] IDMAP_RID with Winbind works for groups but not users
Andrew Lyon
andrew.lyon at gmail.com
Mon Mar 22 02:18:25 MDT 2010
Hi,
I've setup samba 3.4.7 to use idmap_rid as per the documentation:
idmap backend = rid:DOMAIN=500-100000000
idmap gid = 500-100000000
imap uid = 500-100000000
It seems to work for groups:
wbinfo --group-info="domain admins"
domain admins:x:100512
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - www.sysinternals.com
SID for DOMAIN\domain admins:
S-1-5-21-xxxxxxxxxx-xxxxxxxx-xxxxxxxxxx-512
But not for users:
wbinfo --user-info=administrator
administrator:*:10027:10005:Administrator:/home/DOMAIN/administrator:/bin/zsh
SID for DOMAIN\administrator:
S-1-5-21-xxxxxxxxxx-xxxxxxxxx-xxxxxxxxxx-500
wbinfo --user-info="Test User"
test user:*:10048:10005:Test User:/home/DOMAIN/test user:/bin/zsh
SID for DOMAIN\test user:
S-1-5-21-xxxxxxxxx-xxxxxxxxx-xxxxxxxxxx-1758
Have I made a mistake in the configuration?
Andy
More information about the samba
mailing list