[Samba] Problem idmap_ad
edv at balke-hamburg.de
edv at balke-hamburg.de
Wed Dec 14 09:14:06 UTC 2022
Sorry for the spam. My mailserver got an error message after trying to send via IPV6 four times and then switched back to IPV4. But back to the topic:
The change to rid is our temporary workaround, nevertheless the version with idmap config DOMAIN:backend = ad gives the problems that I mentioned in my first post, several users can use the shares and others can't without any clue why. They have random (old) unix IDs and other users with a uidNumber between them cannot use the share, loads of logs with loglevel 10 did not give any hint.
So this is the version that does not give all users access to the shares:
idmap config * : backend = tdb
idmap config * : range = 117000-117999
idmap config DOMAIN:backend = ad
idmap config DOMAIN:schema_mode = rfc2307
idmap config DOMAIN:range = 1001-116999
idmap config DOMAIN:unix_nss_info = no
idmap config DOMAIN:unix_primary_group = yes
template shell = /bin/bash
template homedir = /home/%U
kerberos method = secrets and keytab
winbind nss info = template
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
Best Regards
Matthias Mueller
> You do not appear to be using the 'ad' idmap backend, you have commented
>it out.
> Also, did your finger get stuck, you asked the same question 5 times.
> Rowland
More information about the samba
mailing list