[Samba] Problem to map uidNumber and getting authentication to work
tjaalton at cc.hut.fi
Tue Nov 17 08:21:02 MST 2009
On Mon, 21 Sep 2009, Timo Aaltonen wrote:
> I'm trying to set up a samba client to authenticate from AD (Win2k8), by
> using rfc2307 schema mode to map uidNumber, gidNumber and unixHomeDirectory.
> The latter two seem to work, while uidNumber doesn't, at least according to
> 'wbinfo -i $uid', which shows the uid as the default starting point '10000'.
> Another problem is that getent passwd/group doesn't work at all, and because
> of that neither does authentication ('wbinfo -a/-K' works). I _do_ have
> winbind on /etc/nsswitch.conf though, so I'm pretty much out of ideas about
> what's missing..
> my smb.conf:
> workgroup = SHORTREALM
> realm = REALM
> security = ads
> use kerberos keytab = true
> idmap config SHORTREALM:schema_mode = rfc2307
> idmap config SHORTREALM:backend = ad
> idmap config SHORTREAlM:readonly = yes
> winbind nss info = rfc2307
> winbind use default domain = yes
> I'm using Ubuntu 9.04 with samba 3.3.2, but I tried a backported 3.4.0 and it
> had the same problem.
Anyone? Apparently this works on RHEL5 with samba 3.0.x, so it's a
regression if it doesn't work with anything newer..
IT Services, Helsinki University of Technology
More information about the samba