[Samba] ADS Domain Member smb.conf using idmap_ad
Freeman
flo at email.unc.edu
Wed Nov 23 06:04:38 MST 2011
Greetings Samba Community,
This is the part where i need help, I don't quite understand what range
of values to put for "idmap uid=RANGE/idmap gid=RANGE" VS "idmap config
AD : range=" for the domain that i have this machine joined.
I would like for someone to provide me with some explanations/examples
to try on those three values. sadly, i am at a lost here. I am pretty
close in getting this machine to work perfectly.
What should be the range values for:
idmap uid=
idmap gid=
idmap config AD : range=
So, my configuration is correct if i were to join a windows 2003 server
domain with users's uid/gid converted on the windows side ?
I should really be using idmap backend = tdb instead of idmap backend = ad.
There was an error in the winbind log about reading not recognized
"idmap backend = ad".
Should this really be "idmap backend = idmap_ad" ?
Freeman
On 11/23/2011 06:45 AM, Jonathan Buzzard wrote:
> On Tue, 2011-11-22 at 16:47 -0500, Freeman wrote:
>
> [SNIP]
>
>> # this doesn't seem to work for some reason
>> # i am trying to use idmap_ad
>> # idmap backend = ad
>> idmap backend = tdb
>> idmap uid = 1000-5000000
>> idmap gid = 1000-5000000
>>
>> idmap config AD : default = yes
>> idmap config AD : cache time = 180
>> idmap config AD : backend = ad
>> # idmap config AD : range = 100001-200000
>> idmap config AD : schema_mode = rfc2307
>>
>>
> Your problem is the id ranges for the tdb and ad backends overlap. I am
> not sure exactly why this is a problem, but the basics are it don't work
> if they do. Fix that, and restart everything and it will all start
> magically working.
>
> JAB.
>
More information about the samba
mailing list