[Samba] winbind: uid range is ignored
NdK
ndk.clanbo at gmail.com
Sat Aug 4 05:21:47 MDT 2012
Il 04/08/2012 12:00, steve ha scritto:
>> You have many ways to obtain that "same mapping" objective. I chose to
>> use rid 'cause I couldn't modify my AD schema. But the preferred way is
>> extend AD schema and specify there the UIDs and GIDs.
> You don't have to extend the schema. You can store all the rfc2307
> attributes and objects (posixAccount, posixGroup, uidNumber,gidNumber. .
> .) in the m$ schema that ships with S4.
Too bad my AD controllers are M$ W2k3, w/o rfc2307 extension :( That's
why I'm stuck with rid.
> My aim is to have:
> idmap config : MYDOMAIN : backend = ad
> and
> idmap config : MYDOMAIN : range = abc-def
>
> recognised and with the uidNumber and gidNumber attributes being pulled
> from AD rather than any other mapping. To this end I have a test user
> user object with:
> objectClass: posixAccount
> uidNumber: xyz
> gidNumber abc
>
> and a test group object:
>
> objectClass: posixGroup
> gidNumber: abc
>
> I assume that with the ad backend both the user and group will come from
> AD and not idmap.
Well, idmap queries its backend for the mapping.
> Just waiting for the test lan to install and compile a totally new
> openSUSE 12.1 with Samba4 and a vBox openSUSE client, also fresh install.
>
> How am I doing?
Should work at the first try. But someone else that already used S4 and
AD backend can confirm for sure. :)
BYtE,
Diego.
More information about the samba
mailing list