[Samba] Samba4 and idmap backend (ad/rid)
Rowland Penny
rpenny at f2s.com
Thu Apr 25 07:36:44 MDT 2013
On 25/04/13 14:11, Jaymzwise Jaymzwise wrote:
> Hi,
>
> I eventually managed to install and join a Samba4 server as a member in an
> AD environment but I have a problem with the id command.
> wbinfo commands work but when I launch id command with a domain user I get
> "user unknown".
>
> Here is my smb.conf (Took from Samba Wiki) :
>
> idmap config *:backend = tdb
> idmap config *:range = 70001-80000
> idmap config MYDOMAINNAME:backend = ad
> idmap config MYDOMAINNAME:schema_mode = rfc2307
> idmap config MYDOMAINNAME:range = 500-40000
>
> winbind nss info = rfc2307
> winbind trusted domains only = no
> winbind use default domain = yes
> winbind enum users = yes
> winbind enum groups = yes
>
> If I replace "idmap config MYDOMAINNAME:backend = ad" by "idmap config
> MYDOMAINNAME:backend = rid", id command works well. Why id command doesn't
> work with ad backend ?
>
> Thanks.
Hi, what version of samba4 did you use? reason is, before 4.0.5 winbind
required the posix objectclasses posixAccount & posixGroup, these are no
longer required. But having said that, forget winbind and use sssd, it
is easier to use, have a look here:
http://linuxcostablanca.blogspot.com.es/2013/04/sssd-in-samba-40.html
Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the samba
mailing list