[Samba] Samba and Active Directory 2008
Robert Freeman-Day
presgas at gmail.com
Mon Jul 11 09:06:06 MDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/11/2011 10:09 AM, Keith wrote:
> I was wondering if anyone has had any luck getting samba working with a
> Windows 2008 domain? I've got mine working for the most part except for UID
> lookups. I've got identity management for unix installed on on the windows
> box and have several users configured with custom home directories, login
> shell, and UID on the Unix attributes tab. My samba server is joined to the
> domain, wbinfo -u and -g both provide a list of users and groups. When i run
> getent passwd i get a list of local users and domain users. With the domain
> users it pulls the home directory and login shell just fine from active
> directory, but i cant get it to pull the UID.
>
> I've got it setup and working using RID, which is ok, but we would rather
> get it working with the UID. I'm using samba version 3.5.4 and here is a
> copy of the global settings
>
> workgroup=test
> realm=pizza.com
> security=ads
> password server = password-server.pizza.com
> idmap uid = 10000 - 20000
> idmap guid = 10000 - 20000
> idmap backend = rid:pizza.com=10000-20000
> winbind use default domain = yes
> winbind enum users = yes
> winbind refresh tickets = yes
> client use spnego = yes
> client ntlmv2 auth = yes
> encrypt passwords = yes
> restrict anonymous = 2
> winbind nss info = rfc2307
> client ldap sasl wrapping = sign
>
> Any help would be greatly appreciated.
>
> Thanks
>
> Keith
Have you also edited your /etc/nsswitch.conf file to pull those entries
properly? You should at least have it looking like below:
passwd: compat winbind
group: compat winbind
shadow: compat
- --
________
Robert Freeman-Day
https://launchpad.net/~presgas
GPG Public Key:
http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0xBA9DF9ED3E4C7D36
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk4bEVYACgkQup357T5MfTbSqQCcDtAAg1/PR4mc4Q5urgUoOcP4
LCEAn10m5/LFF/Ttvu/13OGYUvD3AbOM
=zDL1
-----END PGP SIGNATURE-----
More information about the samba
mailing list