[Samba] idmaps, again
Stefan G. Weichinger
lists at xunil.at
Fri Mar 22 18:03:16 UTC 2019
Am 22.03.19 um 16:35 schrieb Rowland Penny via samba:
> On Fri, 22 Mar 2019 16:11:58 +0100
> "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote:
>
>> Am 22.03.19 um 11:43 schrieb Stefan G. Weichinger via samba:
>>> Am 22.03.19 um 11:01 schrieb Rowland Penny via samba:
>>>
>>>>> Would the users itself need some editing as well (inside
>>>>> LDAP/AD)?
>>>>
>>>> This is really up to you, you could, if you so wish, remove all the
>>>> rfc2307 attributes from AD, or you could just ignore them.
>>>
>>> nice. sounds like my weekend project ;-) *sigh*
>>>
>>> thanks a lot ... will check my backups asap
>>
>> change is through, my tests look good to me
>>
>> I now run on the DM server:
>>
>>
>> # samba-tool testparm
>>
>> [global]
>> dedicated keytab file = /etc/krb5.keytab
>> interfaces = bond0
>> kerberos method = secrets and keytab
>> log file = /var/log/samba/%m.log
>> log level = 2
>> printcap name = /dev/null
>> realm = ARBEITSGRUPPE.MY-TLD.AT
>> security = ADS
>> template homedir = /mnt/samba/Daten/%U
>> template shell = /bin/bash
>> username map = /etc/samba/user.map
>> winbind nss info = template
>> winbind refresh tickets = Yes
>> winbind use default domain = Yes
>> workgroup = ARBEITSGRUPPE
>> idmap config arbeitsgruppe:schema_mode = rfc2307
>> idmap config arbeitsgruppe:unix_nss_info = yes
>
> You can remove the two lines above, they are not used with the 'rid'
> backend.
done, nice, thanks ;-)
I now wait for their admin to click around and test his PCs etc
More information about the samba
mailing list