[Samba] ldap idmap backend
Vladimir Vassiliev
vova at edu.yar.ru
Thu Mar 17 08:06:03 MDT 2011
17.03.2011 16:30, Bruce Richardson пишет:
> <DOMAIN-SID>-513 is the Domain Users group.
>
>>
>> Note that<SID> is not SID of main domain but another which name
>> equal to hostname. For example on host FMS in domain CORP I have:
>>
>> wbinfo --all-domains
>> BUILTIN
>> FMS
>> CORP
>
> Why have you created a local computer domain, out of interest?
I didn't do it, Samba did. Really I dunno how to "add" extra domain to Samba.
How can I delete this domain?
> Windows does this, but you don't have to do it with samba. This has been the
> cause of your problem; winbind is trying to map both<CORP-SID>-513 and
> <FMS-SID>-513 to the same local group.
>
<CORP-SID>-513 already has its own mapping with gid=10001 but Samba tries to use values 20043 and
higher for new mappings.
--
Vladimir Vassiliev
More information about the samba
mailing list