Having problems getting Samba 4.1.12 to work on CentOS 7 ...
Rowland Penny
repenny241155 at gmail.com
Wed Nov 5 13:49:18 MST 2014
On 05/11/14 20:44, Michael Adam wrote:
> On 2014-11-05 at 20:33 +0000, Rowland Penny wrote:
>> On 05/11/14 20:29, Richard Sharpe wrote:
>>> On Wed, Nov 5, 2014 at 12:09 PM, Rowland Penny <repenny241155 at gmail.com> wrote:
>>>> On 05/11/14 19:59, Richard Sharpe wrote:
>>> [...]
>>>>> and I have winbindd and smbd running and wbinfo -u prints out the
>>>>> users I expect. However, getent passwd does not show me any Windows
>>>>> users.
>>>>>
>>>>> So, something is wrong. Does anyone have any clues?\
>>>>>
>>>>> They changed so much in RHEL 7 (grumble grumble)
>>>>>
>>>> Yep and samba has changed as well, idmap uid & gid are both depreciated :-)
>>>>
>>>> You should be using something like this:
>>>>
>>>> idmap config *:backend = tdb
>>>> idmap config *:range = 70001-80000
>>>> idmap config SAMDOM:backend = ad
>>>> idmap config SAMDOM:schema_mode = rfc2307
>>>> idmap config SAMDOM:range = 500-40000
>>> I do not have the luxury of being able to enter UID/GID info into AD
>>> ... so it would seem that I do not want to use rfc2307 mode.
>>>
>>>> Perhaps a quick scan of 'man smb.conf' would help ;-)
>>> The smb.conf man page is the most useless document I have ever seen
>>> unless you already know exactly what the problem is :-(
> That's simply not true. It is a large document, because there is
> a lot to document, it aims to be comprehensive. But we've tried
> to improve the manpage a lot in the past.
>
> E.g. id-mapping: Just open the manpage and start searching for
> "idmap". After a few hits (that already point you into the right
> direction), you'll end up at "idmap config:OPTION". If you read
> the detailed explanation that follows, you should understand how
> id-mapping works in samba 3.6 and newer.
>
> Of course you have to know that there is something wrong with
> your id mapping configuration. You might be able to tell that
> from the logs. But the same applies to any document you want
> to consult.
>
>> OK, try the 'rid' backend:
>>
>> idmap config *:backend = tdb
>> idmap config *:range = 70001-80000
>> idmap config SAMDOM:backend = rid
>> idmap config SAMDOM:range = 500-40000
>>
>> And if all else fails, forget winbind and use sssd O:-)
> Richard: just ignore that last remark. :-)
>
> Cheers - Michael
Yep, I totally agree, you should be able to get winbind working easily,
I was only joking about sssd, sorry but it is very hard to get 'body
language' into an email.
Rowland
More information about the samba-technical
mailing list