[Samba] RFC2307 & Samba4 [Was: Linux users and Samba 4]
Adam Tauno Williams
awilliam at whitemice.org
Fri Jan 13 08:59:52 MST 2012
On Fri, 2012-01-13 at 10:32 -0500, Adam Tauno Williams wrote:
> On Fri, 2012-01-13 at 02:51 +0100, steve wrote:
> > On 12/01/12 23:02, Adam Tauno Williams wrote:
> > > Quoting steve <steve at steve-ss.com>:
> > >>>>> Samba4's winbind does not support RFC2307, so doing this is pretty
> > >>>>> rough. I think you need to either use CIFS + winbind everywhere or
> > >>>>> somehow maintain an external idmap.
> > >>>>> Yea, it is horrible. We are staring down the barrell of the same
> > >>>>> gun.
> > >>> As Jeremy said, they are discussing what needs to be done before
> > >>> releasing Samba 4.0.0 and how to reconcile Samba 3's winbind and Samba
> > >>> 4's winbind etc., so if something that is critical for you does not
> > >>> currently work, you should file a bug report.
> > >> Yep. I realise the 'alphaness' of Samba 4 but I think I am not alone
> > >> with my issue. I think I should be easy to fix now before it goes beta.
> > >> https://bugzilla.samba.org/show_bug.cgi?id=8635
> > >
> > > Holy awesome; it got better. I just tested an upgrade of our
> > > production domain and it appears that Samba4 took [and kept] the UID
> > > number from the existing account.
> > > Production
> > > -------------
> > > [root at littleboy ~]# id adam
> > > uid=437(adam) gid=230(cis) groups=230(cis)
> > > Test Server
> > > ------------
> > > barbel:~ # wbinfo -i adam
> > > BACKBONE\adam:*:437:100:Adam Williams:/home/BACKBONE/adam:/bin/false
> > > Home directory is a bit wierd, and the gidNumber didn't stick. But at
> > > least I have the uidNumber.
> > > 4.0.0alpha18-GIT-103c1cb [openSUSE 12.1 x86_64] transitioned via
> > > "samba-tool domain samba3upgrade" from Samba S3w/LDAPSAM.
> > Nice find you have there. Meanwhile I've got it working. Very rough. But
> > working for 10 hour Kerberos sessions at a time;)
> > http://linuxcostablanca.blogspot.com/2011/12/samba-4-linux-integration-first-i-want.html
> > Steve
>
> What I'm puzzled by [and maybe this is a deficiency in Samba4 still] is
> that while the LDAP modify works the wbinfo output doesn't change.
>
> dn: CN=adam,CN=Users,DC=micore,DC=us
> changetype: modify
> add: objectclass
> objectclass: posixaccount
> -
> add: objectclass
> objectclass: shadowaccount
> -
> add: uidnumber
> uidnumber: 437
> -
> add: gidnumber
> gidnumber: 230
> -
> add:unixhomedirectory
> unixhomedirectory: /home/adam
> -
> add: loginshell
> loginshell: /bin/ksh
>
> barbel:~ # wbinfo -i adam
> BACKBONE\adam:*:437:100:Adam Williams:/home/BACKBONE/adam:/bin/false
I am able to get my home-directory path back to the previous value
[ based on the useful information from this link -
<https://lists.samba.org/archive/samba/2010-May/156051.html> ]
Setting: template homedir = /home/%ACCOUNTNAME%
The old %U type variables aren't supported. But the above results in
the same thing -
barbel:/opt/s4 # wbinfo -i adam
BACKBONE\adam:*:437:100:Adam Williams:/home/adam:/bin/false
I found a list of Windows environment variables here
<http://vlaurie.com/computers2/Articles/environment.htm> According the
old 2010 thread these are now expanded on the client side in Microsoft
fashion rather than expanded on the serve [in the config backend??].
--
System & Network Administrator [ LPI & NCLA ]
<http://www.whitemiceconsulting.com>
OpenGroupware Developer <http://www.opengroupware.us>
Adam Tauno Williams
More information about the samba
mailing list