[Samba] Id Mapping from SFU 3.5
abartlet at samba.org
Sat Nov 12 05:19:48 GMT 2005
On Tue, 2005-11-08 at 11:50 +0100, Dan Am wrote:
> our task is to get Samba to us the same Mapping as SFU is using in AD.
> 1. In 3.0.21pre1 we set
> idmap uid = 50000-100000
> idmap gid = 50000-100000
> idmap backend = AD
> winbind separator = =
> but mapping a drive from Win2003 Server fails with:
> user "our_user" dows not exist"
> Are we missing something ?
> 2. We succeeded with 3.0.9 by setting
> winbind enable local accounts = yes
> and pulling in the AD Users via nss_ldap directly.
> But this parameter has been removed in current versions.
> Why ? Are there any contraindications for the parameter ?
You were actually looking for 'winbind trusted domains only = yes'.
I'm not sure entirely of the impact of using nss_ldap instead of
winbindd, but this at least is the right way to do it.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20051112/ab2f49c3/attachment.bin
More information about the samba