RFC2307 on a Samba DC - HowTo
Giuseppe Ragusa
giuseppe.ragusa at hotmail.com
Sun May 18 14:09:02 MDT 2014
Hi,
On Sun May 18 13:43:50 MDT 2014, Rowland Penny wrote:
> On 18/05/14 19:38, Giuseppe Ragusa wrote:
> >> Hello,
> >>
> >> I've finished a new HowTo this week (please proofread):
> >>
> >> https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC
> >>
> >>
> >> Regards,
> >> Marc
> > Hi,
> >
> > Looks good to me, but I wonder if the long standing quirk of ignoring
> > the "primary Group ID" RFC2307 attribute and honouring Windows-side
> > group settings for primary group too is still in effect and
> > must be someway described in the wiki page (it affected Winbind for
> > sure, never tested SSSD).
>
> Now I could be acting stupid here by asking this, but what "primary
> group ID" RFC2307 attribute are you referring to?
>
> The 'primaryGroupID' attribute is a windows attribute and has nothing
> to do with Unix, you need to use the 'gidNumber' attribute.
>
> Rowland
Exactly: I was referring to the gidNumber stored together with uidNumber (etc.) as user POSIX attributes.
Sorry for the confusion / improper reference.
Regards,
Giuseppe
> > I think (and reported about two years ago on this list) that up to
> > Samba 3.5.0 the behavior was different (primary group taken from
> > POSIX attributes in RFC2307 fields), but changed afterwards and could
> > be the culprit behind:
> >
> > https://bugzilla.samba.org/show_bug.cgi?id=8694
> >
> > https://bugzilla.samba.org/show_bug.cgi?id=7582
> >
> > https://bugzilla.samba.org/show_bug.cgi?id=8905
> >
> > I even started an (aborted, unfortunately) effort at adding back the
> > former behavior through a configuration option (totally rewritten id mapping
> > plugin structure made the relevant information "unavailable where needed"
> > and would so require a substantial development work beyond my possibilities atm).
> >
> > Regards,
> > Giuseppe
> >
More information about the samba-technical
mailing list