[Samba] Samba and Active Directory 2008

Robert Freeman-Day presgas at gmail.com
Mon Jul 11 09:06:06 MDT 2011

Hash: SHA1

On 07/11/2011 10:09 AM, Keith wrote:
> I was wondering if anyone has had any luck getting samba working with a
> Windows 2008 domain? I've got mine working for the most part except for UID
> lookups. I've got identity management for unix installed on on the windows
> box and have several users configured with custom home directories, login
> shell, and UID on the Unix attributes tab. My samba server is joined to the
> domain, wbinfo -u and -g both provide a list of users and groups. When i run
> getent passwd i get a list of local users and domain users. With the domain
> users it pulls the home directory and login shell just fine from active
> directory, but i cant get it to pull the UID.
> I've got it setup and working using RID, which is ok, but we would rather
> get it working with the UID. I'm using samba version 3.5.4 and here is a
> copy of the global settings
> workgroup=test
> realm=pizza.com
> security=ads
> password server = password-server.pizza.com
> idmap uid = 10000 - 20000
> idmap guid = 10000 - 20000
> idmap backend = rid:pizza.com=10000-20000
> winbind use default domain = yes
> winbind enum users = yes
> winbind refresh tickets = yes
> client use spnego = yes
> client ntlmv2 auth = yes
> encrypt passwords = yes
> restrict anonymous = 2
> winbind nss info = rfc2307
> client ldap sasl wrapping = sign
> Any help would be greatly appreciated.
> Thanks
> Keith

Have you also edited your /etc/nsswitch.conf file to pull those entries
properly?  You should at least have it looking like below:

       passwd:         compat winbind
       group:          compat winbind
       shadow:         compat

- -- 

Robert Freeman-Day

GPG Public Key:
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


More information about the samba mailing list