[Samba] Problem to map uidNumber and getting authentication to work

Timo Aaltonen tjaalton at cc.hut.fi
Tue Nov 17 08:21:02 MST 2009

On Mon, 21 Sep 2009, Timo Aaltonen wrote:

> 	Hi!
>  I'm trying to set up a samba client to authenticate from AD (Win2k8), by 
> using rfc2307 schema mode to map uidNumber, gidNumber and unixHomeDirectory. 
> The latter two seem to work, while uidNumber doesn't, at least according to 
> 'wbinfo -i $uid', which shows the uid as the default starting point '10000'.
> Another problem is that getent passwd/group doesn't work at all, and because 
> of that neither does authentication ('wbinfo -a/-K' works). I _do_ have 
> winbind on /etc/nsswitch.conf though, so I'm pretty much out of ideas about 
> what's missing..
> my smb.conf:
> [global]
>  workgroup = SHORTREALM
>  realm = REALM
>  security = ads
>  use kerberos keytab = true
>  idmap config SHORTREALM:schema_mode = rfc2307
>  idmap config SHORTREALM:backend = ad
>  idmap config SHORTREAlM:readonly = yes
>  winbind nss info = rfc2307
>  winbind use default domain = yes
> I'm using Ubuntu 9.04 with samba 3.3.2, but I tried a backported 3.4.0 and it 
> had the same problem.

Anyone? Apparently this works on RHEL5 with samba 3.0.x, so it's a 
regression if it doesn't work with anything newer..

Timo Aaltonen
Systems Specialist
IT Services, Helsinki University of Technology

More information about the samba mailing list