[Samba] Using idmap backend = ad

Anton Brinyov bas at kurskpribor.ru
Tue Nov 13 05:56:03 GMT 2007 

The problem solved!

I'v changed

winbind nss info = template sfu
to
winbind nss info = template rfc2307

and added:

idmap config CENTAURA:schema_mode = rfc2307


Best regards
  Anton Brinyov.


Anton Brinyov пишет:
> I'm sorry, I forgot to mention OS where Samba server is running.
> It's FreeBSD 6.2
> 
> Best regards
> Anton Brinyov.
> 
> 
> Anton Brinyov пишет:
>> Good day!
>>
>> I have AD on Win2003 Server with Services For UNIX 3.5.
>> When I try to set idmap backend = ad and type
>>
>> # id <domain_user_name>
>>
>> I get in log.winbindd-idmap following:
>>
>>
>> [2007/11/07 18:09:18, 1] 
>> nsswitch/idmap_ad.c:idmap_ad_sids_to_unixids(613)
>>   Could not get unix ID
>>
>> AD user has SFU UID 20000000.
>>
>> wbinfo -u prints correct lists of domain users,
>> and when using idmap bakend = tdb winbind assign UID for users.
>>
>>
>> Best regards
>> Anton Brinyov.
>>
>> P.S. Some configs:
>>
>> smb.conf
>> ----------------------------------------------------
>> [global]
>>         dos charset = cp866
>>         unix charset = koi8-r
>>         display charset = koi8-r
>>         workgroup = MYDOMAIN
>>         realm = MYDOMAIN.RU
>>         server string = myserv
>>         security = ADS
>>         password server = ALPHA.MYDOMAIN.RU BETA.MYDOMAIN.RU
>>         log file = /var/log/samba/log.%m
>>         max log size = 50
>>         socket options = SO_RCVBUF=8192 SO_SNDBUF=8192
>>         local master = No
>>         ldap ssl = no
>>         idmap uid = 16777216-33554431
>>         idmap gid = 16777216-33554431
>>         template shell = /bin/csh
>>         winbind separator = +
>>         winbind use default domain = Yes
>>         winbind nss info = template sfu
>>         idmap backend = ad
>>         inherit acls = Yes
>>         map acl inherit = Yes
>>         store dos attributes = Yes
>> #       debug level = 10
>>
>> [homes]
>>         comment = Home Directories
>>         read only = No
>>         browseable = No
>>
>>
>> nsswitch.conf
>> ---------------------------------------------------
>> group: files winbind
>> group_compat: nis
>> hosts: files dns
>> networks: files
>> passwd: files winbind
>> passwd_compat: nis
>> shells: files
>>
>

More information about the samba mailing list