Enabling idmap_ldb:use rfc2307 = yes on 2 DCs

steve steve at steve-ss.com
Tue Sep 25 08:37:34 MDT 2012

On 25/09/12 11:18, Daniele Dario wrote:
> Hi Steve,
> just to be sure I understood:
> even if I provision with --use-rfc2307 I won't get it working without
> using an external script to add users/groups which has to modify ldbs
> adding the objectClass: posixAccount/posixGroup and the
> uidNumber/gidNumber for every user/group added right?

Correct. You have to make sure that the DCs use _only_ AD to pull the 
rfc2307 stuff.

> Said this it won't work from a Windows box using the Admin tools (they
> will invoke the basic samba tools so not the changed scripts (I was
> looking at the examples you pointed me))

It will not work from a Windows box because there is no way to fill in 
the rfc2307 attributes. I believe Géza has a script for this, however.

Samba4 will pull only uidNumber and gidNumber from AD. If you need the 
whole of rfc2307 then you will need to use the scripts you quoted. (as a 
basis: they are local to my domain only).

You are nearly there:) Good luck,
