[Samba] BUILTIN groups mapping via winbind!!
herman
herman at aeronetworks.ca
Fri Nov 2 01:27:52 GMT 2007
Kaustubh Chaudhari wrote:
> Hi Herman.
>
> This is really a helpful information, but i am not able to understand
> why in built group we cant see a mapping for a normal user, as if we
> look Builtin is also a OU and we have some Builtin users and groups in
> it.
>
> If i create a OU and groups or users in it than i can see all those
> but just not with Buitin.
>
> Feel free to correct me, if you find i am wrong.
>
> Thanks for your interest in this.
> Regards,
> Kaustubh.
Well, I have found that Winbind can get confused when you do things in
ADS that you should not do - for example cross linked users and groups
after you dragged records around. WinXP clients may still work, but the
only way to fix Winbind is to delete the offending records in ADS. The
problem is that how you are supposed to find the offending records is
impossible to say. Sometimes you can fix it by trying to remember when
it last worked and deleting everything that was changed since.
Sometimes, the only way to fix things is to give up and re-install ADS.
Sooo, try to roll back till you get to a working situation, then make
your changes very carefully and with frequent backups. I run ADS on
VMware and take a snapshot before every change I make to it, so I can
roll back without too much hassle as soon as things stop working.
Unfortunately, Winbind is still immature and not as robust as one may
like it to be.
Cheers,
Herman
More information about the samba
mailing list