[Samba] Mapping User from ADS
Andrew Bartlett
abartlet at samba.org
Fri Jun 27 07:18:03 GMT 2003
On Fri, 2003-06-27 at 16:56, Student2 SIM wrote:
> Hi folks,
>
> I'm using Samba 3beta running on RH 8.0 and I'd like to authentificate against a Microsoft AD. This all works very well, except that not all AD User are mapped to my Unixbox!
>
> When starting getent passwd, my UnixBox shoiws just my User from passwd and some of the AD User - not all!! Looking through my User with the command wbinfo -u all AD user are shown correctly!
>
> Anybody knowing any workaround?
>
> Attached I'm sending my setups.
>
> Sascha
>
> my smb.conf:
>
> [global]
> workgroup = ***
> realm = *****
> ADS server = DE4A068C.ffm.sbs.de
> server string = Samba ADS
> security = ADS
> password server = *****
> #passdb backend = smbpasswd
> algorithmic rid base = 100000
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> encrypt passwords = yes
> log file = /usr/local/samba/var/%m.log
> log level = 10
> max log size = 100000
> domain logons = yes
By setting 'security=ads' and 'domain logons = yes' you have hit the
magic combination for the secret 'Samba as an active directory server'
mode.
Unfortunately for you, you both didn't intend do be an Active Directory
PDC, and we don't support it (it's just at the experimental hack stage).
Turn off domain logons, and it should be fine.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030627/179cd206/attachment.bin
More information about the samba
mailing list