[Samba] winbindd ADS Windows 2003 SFU idmap=ad, with Suse
Linux9.1, no AD UI
Jamin Davis
jamin at ghost.merseine.nu
Mon Sep 5 15:32:48 GMT 2005
2005-09-05 at 16:01 (+0100) Mike Rose sent out the following broadcast:
> I'm not sure I need to change the idmap uid and gid map ranges to what you
> suggest as the gid and uid values for the user bob are stored in the WIndows
> Active Directory LDAP (with SFU installed to extend it to include UNIX
> attributes) and fall within the range I currently specify. There is a user
> (mr) that has a uid of 500 in AD and gid of 500...
Hmmm... we haven't installed SFU - just downloading SFU 3.5 now. Using
idmap uid and idmap gid in smb.conf results in winbindd creating a local
idmap tdb file (read the smb.conf man page) - but I think you need to be
using idmap backend = ldap:ldap://yourserver instead of idmap uid/gid.
because you want winbindd to get the uid/gid from the ldap attributes in
AD. Check the section in the idmapper HOWTO
(http://tr.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html)
and smb.conf man page.
Regards,
Jamin
More information about the samba
mailing list