[Samba] samba4 rfc2307 practice and confuse

d tbsky tbskyd at gmail.com
Mon Apr 15 03:07:45 MDT 2013

2013/4/14 Gémes Géza <geza at kzsdabas.hu>

> Unfortunately the winbind implementation samba as an AD DC uses (the one
> in the samba binary) is not able to read other posix information from AD
> other than the uidNumber and gidNumber.

   I think I can live with that since we use it only for a few people. but
the broken
"template homedir"  seems a bug to me. or is it limited by something else

> I have read many times complaints like this, it seems, that some
> distributions/relases bundle a version of samba, that has some bugs, a
> similar setup (just the ranges are different) works for me using ubuntu
> 12.04.

   so you mean with samba 4 as DC and samba 3.x as winbind client, you can
get correct rfc2307 gidnumber(and working getent group)?

   I don't think samba 3.x comes with RHEL has this kind of bug,since they
already have detailed document abount how to link to Active Directory. and
I also tried the lasted binary rpm at samba web site, the behavior is the

    I think the problem is at server side. I use microsoft remote
administration tool(ADUC) under windows 7 to managent the domain rfc2307
settings, I think maybe that's problem. since samba  minic microsoft AD,
use microsoft tool to manage it looks reasonable, even samba AC DC HOWTO
suggest it. but it seems few people in this email list use that tool?

   and today I found another interesting bug/featuer with windows ADUC. my
short domain name is "DOM", and if I create a group who's namd is "dom",
samba4 DC will be angry. the
"getent group" at samba4 DC will refuse to return this entry, and all the
entries created after that (has larger xidnumber) will also disappear. as
long as I rename the group to something else, "getent group" will become

    since there are so many strange behaviors, I don't know what's the best
practice to treat samba 4 DC. but I am glad that at least some people in
the email list do have a working environment. maybe I can find out what's
my problem one day.

    thanks a lot.


> Geza Gemes
>> Regards,
>> tbskyd
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba>

More information about the samba mailing list