[Samba] Limit AD for Winbind
Daniel_Fr at gmx.de
Tue Mar 20 15:25:30 GMT 2007
I'm using Winbind to integrate my Active Directory Users into Linux.
The Domain is very big and is in trust with four other Domains.
I've about 100,000+ users.
Sometimes everything works perfect, wbinfo -u and wbinfo -g parse the correct users/groups but when I restart Samba + Winbind it does not work anymore.
When I first try wbinfo -m it lists all trusted domains but when I try wbinfo -u after, it responds "Error looking up domain users" and wbinfo -m does also not work any more.
Later, it seems to work again but I don't know why.
Do you have an answer to this?
I was thinking about limiting the users that'll be integtrated from winbind. Is there any possibility to do this? I only need one of the four trusted domains but don't know a function to limit this.
"allow trusted domains = Yes" only gives me the opportunity to disable or enable all trusted domains, not to enable one specific domain.
Hope you guys can help me with this. Thanks!
server string = Test
workgroup = MYDOMAIN
netbios name = SERVERNAME
realm = MYDOMAIN.LOCAL
idmap uid = 10000-200000
idmap gid = 10000-200000
winbind separator = /
winbind use default domain = Yes
security = ADS
encrypt passwords = yes
password server = server.mydomain.local
client use spnego = yes
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
template homedir = /home/%D/%U
allow trusted domains = Yes
winbind cache time = 300
comment = Testshare
path = /home/share
browseable = yes
read only = no
guest ok = no
valid users = @TRUSTEDDOMAIN/MYGROUP
create mask = 0770
directory mask = 0770
"Feel free" - 5 GB Mailbox, 50 FreeSMS/Monat ...
Jetzt GMX ProMail testen: www.gmx.net/de/go/mailfooter/promail-out
More information about the samba