[Samba] bad home path from AD
Rowland Penny
rpenny at samba.org
Sat Mar 30 11:05:43 UTC 2024
On Sat, 30 Mar 2024 11:42:10 +0100
"arnaud.bougeard--- via samba" <samba at lists.samba.org> wrote:
> This samba file server is a ldap client and a AD client.
>
> So listening port is not a problem. I just worry about idmapping.
>
It cannot be both, for a start, using Samba with ldap is akin to
running an NT4-style domain and that requires SMBv1, do you really want
to use SMBv1 ?
What you could do is, providing the ldap server is running on another
machine and is running as an NT4-style PDC, set up a trust between the
AD domain and the PDC.
However, because your AD domain uses IDs in the 1000-300000 range and
your ldap uses IDs in the 500-29009894 range, you cannot do this, the
ranges overlap, more than overlap, the AD range fits inside the ldap
range.
From your email address, it looks like you organisation is a
university and, as such, I feel you should be using best practice and
that doesn't include using SMBv1
Rowland
More information about the samba
mailing list