[Samba] Re: Enabling 'idmap backend = ad' for user auth
Rex Dieter
rdieter at math.unl.edu
Fri Feb 3 13:21:43 GMT 2006
McGlorfin wrote:
> I'm using Samba 3.0.21a on Fedora Core 3 to authenticate against an AD
> domain. The box running AD is Win2k3 R2, so AD has the RFC2207 schema
> extensions applied.
Really? I thought installing SFU on the domain controller is/was still
required, no? (What's R2?)
> I'm pretty sure there's an error in my smb.conf. (What else could it
> be?) Here are the relevant entries from the global section:
> workgroup = MYDOMAIN
> realm = MYDOMAIN.LOCAL
> security = ADS
> idmap backend = ad
> idmap uid = 300000-30000000
> idmap gid = 300000-30000000
...
> winbind nss info = template, sfu
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Not absolutely sure, but docs I've seen say to set this to
winbind nss info = sfu
Not sure what the template bit is used for.
More information about the samba
mailing list