Samba4: ID mapping is hard

steve steve at steve-ss.com
Sun Mar 25 01:46:56 MDT 2012


El 24/03/12 01:20, Andrew Bartlett escribió:
> On Fri, 2012-03-23 at 23:54 +0100, steve wrote:
>
>> What is working well for us in tests is giving Domain Users a uid, gid,
>> setting their primaryGroupID to that of a posix-ified security group and
>> storing these attributes in their entry in sam.ldb. The only problem I
>> have with this is that adding the posixGroup objectClass to a security
>> group removes the ability to be able to list its members in ADUC and it
>> is really unfortunate that I can't test this against a windows server.
>> Because I don't have one.
> Trial copies of Windows are available for download:
>
> https://www.microsoft.com/en-us/server-cloud/windows-server/2008-r2-trial.aspx
There is already a bugzilla which confirms that s4 does not handle the 
posixGroup attribute correctly. Adding the posixGroup attribute on a ms 
2008 server works correctly. The membership tabs under ADCU appear 
correctly.

Please see:
https://bugzilla.samba.org/show_bug.cgi?id=8635
comment 43 onwards.

Thanks,
Steve



More information about the samba-technical mailing list