[Samba] Samba w/AD Support on AIX 6.1 - Error w/Authentication

Christian Ambach ambi at samba.org
Mon Feb 13 09:31:15 MST 2012

>          idmap config CITNET:default = yes
>          idmap config CITNET:backend = ad
>          idmap config CITNET:range = 0-50000
>          idmap config *:range = 0-50000
>          idmap config *:backend = ad
>          idmap config LIVAIXDSSIT01:range = 0-50000
>          idmap config LIVAIXDSSIT01:backend = ad
>          idmap config CIT:range = 0-50000
>          idmap config CIT:backend = ad

The ranges have to be distinct for every domain and when using backend = 
ad, you also need to have SFU attributes set in AD.

If you do not need NFS client interop (by reading the uid/gid values to 
be used from AD), you could use the idmap_tdb or idmap_autorid modules 
that autogenerate the IDs on the box.

e.g. reduce the above lines to just:

idmap config *:range = 50000-99999
idmap config *:backend = tdb


More information about the samba mailing list