winbind 3+4: different behavoiur with "winbind use default domain = yes"

[Rowland Penny]

On 06/09/12 14:26, Thomas Mueller wrote:
> hi
>
> still experimenting with samba4. :)
>
> on the server with winbind4 (on the server dc1, wheezy with samba4 git)
> and "winbind use default domain = yes" in smb.conf I see not the same
> behaviour as with winbind3 (on the workstation wks, centos 6).
>
> wks#>  id user
> uid=10021(user) gid=10049(g_user) groups=10049(g_user)
>
> dc1#>  id user
> uid=10021(DOMAIN\user) gid=513(Domain Users) groups=513(Domain Users)
>
> so the server looks up "user" and gets DOMAIN\user back. Seems that
> "winbind use default domain = yes" is partly working.
>
> Antother difference is that not both are using the windows primary group
> as the unix default group. s4 smb.conf contains "idmap_ldb:use rfc2307 =
> yes" and s3 smb.conf "winbind nss info = rfc2307". So one is using
> gidNumber and the other primaryGroupID.
>
> Is winbind4 ready to use and still the recommended nss tool?
>
> - Thomas
>
>
>

Hi, it would seem that there are 3 variants of winbind available at the 
present and they are all different.

DC1 running samba4 (only samba & smbd daemons running)
# getent passwd rowland
HOME\rowland:*:3000016:3000012::/home/HOME/rowland:/bin/bash

Client1 running samba 3.6.3 (nmbd/smbd/winbindd daemons running)
# getent passwd rowland
rowland:*:3000016:3000012::/home/HOME/linuxusers/rowland:/bin/bash

Client2 (running samba4 daemons nmbd/smbd/winbindd)
# getent passwd rowland
rowland:*:1105:1103:rowland:/home/HOME/rowland:/bin/bash

The dc winbind pulls the unix uidnumber & gidnumber and the template 
homedir, client1's winbind pulls the  unix uidnumber & gidnumber and the 
unixhomedir and client2's winbind pulls the ms uid & gid and the 
template homedir.

I was told that samba 4 winbind would be sorted in samba 4.1

Rowland


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.