[Samba] What is --rfc2307-from-nss ??
Rowland Penny
rowlandpenny at googlemail.com
Wed Nov 26 06:23:40 MST 2014
On 26/11/14 13:07, L.P.H. van Belle wrote:
> Debian with Sernet samba 4.1.13 DC and member servers
>
> with just nsswitch.conf configured and samba.
>
> DC :
> root at dc1:~# getent passwd obell
> DOMAIN\testuser:*:10000:10000:Test user:/home/users/%U:/bin/sh
>
> Member server:
> root at mem1:~# getent passwd obell
> testuser:*:10000:10000::/home/users/testuser:/bin/sh
>
> Rowland you have seen the differences in your user..
>
> DC >INTERNAL\testuser:*:10000:10000:Test User:/home/INTERNAL/testuser:/bin/false
> MEMBER >testuser:*:10000:10000:Test User:/home/testuser:/bin/bash
> different homes and shell?
Hi Louis, They are both on the AD DC, the first is what you get if you
use winbind i.e the RFC2307 attributes 'unixHomeDirectory' &
'loginShell' are ignored, the second is what you get if you use sssd,
all RFC2307 attributes are used.
Rowland
>
> Greetz,
>
> Louis
>
>
>> -----Oorspronkelijk bericht-----
>> Van: rowlandpenny at googlemail.com
>> [mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>> Verzonden: woensdag 26 november 2014 13:11
>> Aan: samba at lists.samba.org
>> Onderwerp: Re: [Samba] What is --rfc2307-from-nss ??
>>
>> On 26/11/14 05:43, Greg Zartman wrote:
>>> I'm having a hard time figuring out what the samba-tool user create
>>> --rfc2307-from-nss does? The documentation is a little skinny.
>> It runs getpwnam**() to get the users info from another
>> database, so is
>> not much in creating a new user, as the new user in AD must
>> not exist on
>> the underlying OS.
>>
>>> I want users I create in the AD to be able to access local
>> file shares on
>>> Centos, so I'm setting up the SSSD service, but not entirely
>> sure if SSSD
>>> will provide user attributes like the login shell or if I
>> should set it
>>> explicitly in the active directory.
>> OK, I am not telling you this, but with the users info stored
>> in RFC2307
>> attributes in AD:
>>
>> Using winbind (Version 4.1.11-Debian)
>> root at debdc:~# getent passwd testuser
>> INTERNAL\testuser:*:10000:10000:Test
>> User:/home/INTERNAL/testuser:/bin/false
>>
>> Using sssd (Version 1.11.3)
>> root at debdc:~# getent passwd testuser
>> testuser:*:10000:10000:Test User:/home/testuser:/bin/bash
>>
>> Both on the AD DC
>>
>> Rowland
>>
>>> Thanks
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
More information about the samba
mailing list