[Samba] Mapping User from ADS

Andrew Bartlett abartlet at samba.org
Fri Jun 27 07:18:03 GMT 2003

On Fri, 2003-06-27 at 16:56, Student2 SIM wrote:
> Hi folks,
> I'm using Samba 3beta running on RH 8.0 and I'd like to authentificate against a Microsoft AD. This all works very well, except that not all AD User are mapped to my Unixbox!
> When starting getent passwd, my UnixBox shoiws just my User from passwd and some of the AD User - not all!! Looking through my User with the command wbinfo -u all AD user are shown correctly!
> Anybody knowing any workaround?
> Attached I'm sending my setups.
> Sascha
> my smb.conf:
> [global]
>         workgroup = ***
>         realm = *****
>         ADS server = DE4A068C.ffm.sbs.de
>         server string = Samba ADS
>         security = ADS
>         password server = *****
>         #passdb backend = smbpasswd
>         algorithmic rid base = 100000
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         encrypt passwords = yes
>         log file = /usr/local/samba/var/%m.log
>         log level = 10
>         max log size = 100000
>         domain logons = yes

By setting 'security=ads' and 'domain logons = yes' you have hit the
magic combination for the secret 'Samba as an active directory server'

Unfortunately for you, you both didn't intend do be an Active Directory
PDC, and we don't support it (it's just at the experimental hack stage).

Turn off domain logons, and it should be fine.

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030627/179cd206/attachment.bin

More information about the samba mailing list