[Samba] FreeBSD 7.2 domain member problem
Ivo Karabojkov
ivo at kit-bg.com
Fri Nov 13 11:15:13 MST 2009
Thank you very much for your reply!
I commented the correct line in my tries to get this working.
I have partial success WITHOUT idmap backend, with following smb.conf:
[global]
netbios name = SERVER
workgroup = DOMAIN
realm = DOMAIN.LOCAL
server string = Samba Server
security = ADS
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
# printcap name = CUPS
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
# template primary group = "Domain Users" // seems no longer supported
template shell = /sbin/nologin
# winbind separator = + // backslash is OK for me
# printing = cups
hosts allow = 192.168.1. 10.1.55. 127.0.0.1
interfaces = localhost, nfe0
bind interfaces only = Yes
[pub]
comment = Public
path = /var/samba/pub
guest ok = No
browseable = Yes
I can join the AD, see users with wbinfo -u and I can not find the users
with getent passwd!
I can still chown a folder stating "DOMAIN\user or group" and in ls -l
owner:group is displayed OK.
When I add:
idmap backend = idmap_rid:DOMAIN=10000-100000000
I get the warning: [2009/11/12 23:17:45, 1]
winbindd/idmap.c:parse_idmap_module(244)
idmap_init: idmap backend uses deprecated 'idmap_' prefix. Please replace
'idmap_rid:DOMAIN=10000-100000000' by 'rid:DOMAIN=10000-100000000'
Now I see only uid/gid for previously chowned directory, no users with
getent ... Changing the syntax according to message changes nothing.
winbindd log shows something like:
[2009/11/12 23:19:20, 1] winbindd/winbindd_group.c:getgrgid_recv(1015)
could not convert gid 10005 to sid
I have my partial success back commenting the idmap backend.
--
View this message in context: http://old.nabble.com/FreeBSD-7.2-domain-member-problem-tp26204285p26326852.html
Sent from the Samba - General mailing list archive at Nabble.com.
More information about the samba
mailing list