[Samba] fetch passwords from AD and group membership from /etc/group
Dale Schroeder
dale at BriannasSaladDressing.com
Fri Jan 21 15:16:47 MST 2011
On 01/21/2011 4:54 AM, marius klausen wrote:
> Hi Takahashi,
>
>> While you need not run winbindd if you want to use Active Directory
>> for authentication, if you need to run, idmap_nss map help you?
>>
> i want to use winbind to be able to log in just by providing the accountname, not domainname\accountname.
>
> i now added the following to my smb.conf:
>
> idmap domains = MYDOMAIN
> idmap uid = 6000-61000
> idmap gid = 100-3000
> idmap config MYDOMAIN: backend = nss
>
> which does not change anything so far (smb+winbind restarted). The uid/gid ranges cover values which are given to the account in /etc/passwd /etc/group - maybe that is wrong?
That is correct. winbind generated uid's/gid's should not overlap the
range of the local uid's/gid's.
The idmap gid values that are currently set could cause problems on the
low end; but I can't say with all certainty that that is the cause of
the symptoms you are seeing.
Dale
> best regard,
>
> Marius
More information about the samba
mailing list