[Samba] [SOLVED] Samba4 Does cifs need a keytab for the multiuser option?

steve steve at steve-ss.com
Fri Apr 12 05:02:28 MDT 2013

On 12/04/13 09:32, steve wrote:
> On 12/04/13 08:06, steve wrote:
>> On 11/04/13 22:45, steve wrote:
>>> On 11/04/13 22:05, Rowland Penny wrote:
>>>> On 11/04/13 20:42, steve wrote:
>>>>> On 11/04/13 20:39, Rowland Penny wrote:
>>>>>> On 11/04/13 17:27, steve wrote:
>>>>>>> Hi
>>>>>>> samba --version
>>>>>>> Version 4.0.6-GIT-4bebda4
Hi everyone

Thanks to Jeff Layton over on the cifs list. The uid:gid were from 
idmap.ldb and AD.
We need everything to come from AD (and forget idmap/winbind!) otherwise 
it's chaos. I had:
idmap_ldb use:rfc2307 = Yes

The correct syntax is:
idmap_ldb:use rfc2307 = Yes
and no, no keytabs are required.

I've been bitten by the syntax before but usually testparm has come to 
the rescue. Unfortunately this syntax wasn't picked up.

Why we need 2 methods of getting uid:gid I've no idea. Maybe to retain 
compatibility with older versions of Samba?


More information about the samba mailing list