[Samba] AD uid/gid attributes
Michael Ray
mray at xes-inc.com
Wed Feb 6 13:06:43 MST 2013
Hey all-
I know this kind of post has come up before, but I was unable to get results following previous postings, so if anyone can shed a little light on this, I'd be very grateful:
The gist of the situation is this:
PDC: Samba4 [4.1.0pre1-GIT-394622e ]
Member: Samba3 (being used as a file share server) [3.6.3-2ubuntu2.3]
The Samba3 machine is joined to the domain and authenticates domain users successfully for both ssh and local logins via winbind/nss/pam.
However, the UID/GID attribute, although expressed in AD, is not the same.
On the Samba4 machine itself I can use "getent" and verify the proper uid/gid.
As I understand it though , when samba3 queries AD for information, by default its just authenticating user / password. It then makes a local UID/GID based on the range and backend specified in smb.conf.
I saw one post talking about using LDAP to query UID/GID information from AD instead of a local idmap, but was unable to get it to work.
I don't really want to add more overhead (i.e. LDAP) to this process if it can be avoided but will look at it again if there is no other way.
Here is a pastebin of the smb.conf on the samba3 server: http://pastebin.com/GrwUDCJ2
So to anyone who can point me in the right direction / let me know what worked for them, again, I'd be grateful.
Thanks,
Mike Ray
More information about the samba
mailing list