[Samba] Still working on a Member Server
phwashington at tx.rr.com
phwashington at tx.rr.com
Fri Nov 14 02:20:57 GMT 2008
Going through the examples and reading through the wiki's I still have not found exactly what I was looking for in matching uid's and gid's.
We currently have a domain controller Samba/LDAP PDC.
Previous member servers
and I went to add a member server. Now I find that users and groups don't match. So from previous postings I have surmised that this has all changed and to get uid's and gid's to match across member servers you need to install an LDAP server on each Member Server and then use this as the backend for that system.
So what I have seen thus far the
idmap uid =
idmap gid =
have not effect on the outcome of uid's and gid's on the server anymore.
I have tried /etc/nsswitch.conf
passwd files winbind
group files winbind
and then tried
passwd file ldap
shadow file ldap
group file ldap
Using winbind would give me groups, but not what I was expecting. I would get no info on users or groups for the domain.
Using ldap I would receive no precursor for users or groups using wbinfo or getent, but the users and groups would show up. The uid and gid had no correlation to idmap uid or idmap gid.
Nov 13 19:36:35 IET0245Q slapd: <= bdb_equality_candidates: (sambaGroupType) index_param failed (18)
Nov 13 19:36:35 IET0245Q slapd: daemon: select: listen=8 active_threads=0 tvp=NULL
Nov 13 19:36:35 IET0245Q slapd: <= bdb_equality_candidates: (sambaSIDList) index_param failed (18)
Nov 13 19:36:35 IET0245Q last message repeated 4 times
Nov 13 19:
unix charset = LOCALE
workgroup = GUM
netbios name = GUM01B_TEST
security = DOMAIN
username map = /etc/samba/smbusers
log level = 10
syslog = 0
log file = /var/log/samba/samba2.log
smb ports = 139
name resolve order = wins bcast hosts
printcap name = /etc/printcap
domain master = No
wins server = 192.168.1.239
ldap admin dn = cn=Manager,dc=GUM,dc=COM ;
ldap group suffix = ou=Group ;
ldap idmap suffix = ou=Idmap ;
ldap machine suffix = ou=Computers ;
ldap suffix = dc=GUM,dc=COM ;
ldap user suffix = ou=People ;
idmap backend = ldap://192.168.1.245
idmap uid = 10000-20000 ;
idmap gid = 10000-20000 ;
winbind enum users = Yes
winbind enum groups = Yes
winbind trusted domains only = Yes
comment = GUMSHARE
path = /RAIDDEVICE/GUMSHARE
username = GUM+user1,@"GUM+Domain Users"
read list = GUM+user1, "@GUM+Domain Users"
write list = "@GUM+Domain Users"
read only = No
create mask = 0774
security mask = 0774
force security mode = 0770
directory mask = 02777
directory security mask = 0770
force directory security mode = 0770
inherit permissions = Yes
hide unreadable = Yes
veto oplock files = /GUM.*/
More information about the samba