[Samba] Failing to get uids from AD
nick at triantos.com
Sat Jul 14 10:50:09 MDT 2012
I'm still having trouble getting Samba 3.6.3 / Winbind to fetch UIDs from AD 2008 R2 with the Services for Unix feature installed. My users have uidNumber fields which contain the UIDs I want. I'm on Ubuntu 12.04
The global part of my smb.conf. I've tried changing 'winbind nss info' and 'schema_mode' to sfu as well.
security = ADS
realm = CORP.mycompany.COM
allow trusted domains = yes
winbind use default domain = yes
winbind nested groups = YES
winbind enum groups = yes
winbind enum users = yes
winbind nss info = rfc2307
winbind refresh tickets = yes
idmap config CORP : backend = ad
idmap config CORP : schema_mode = rfc2307
#idmap config * : backend = tdb
idmap config * : default = yes
idmap config * : range = 900 - 99999
Each time I re-test, I delete the files:
My users always come back with an id in the range mapped above (900+), even though their IDs should actually be 1000+.
When I run an ldapsearch query, I get back results for my users that include (as well as other fields):
userPrincipalName: ross at corp....
mail: ross at ...
Any suggestions of things I can try are greatly appreciated.
More information about the samba