[Samba] Using samba4 with AD and rfc2307 - what are the *current* practices?

[Rowland Penny]

On 12/12/13 15:29, Michael Brown wrote:
> On 13-12-12 03:15 AM, L.P.H. van Belle wrote:
>> and remember sssd is NOT compatibele with sernet samba.
>>
>> Just a reminder..
>>
> Can someone suggest a better place then to get up-to-date packages for 
> various distros?
>
> On 13-12-12 03:12 AM, steve wrote:
>>
>> winbind doesn't work on the DC. To do what you wish to do, add:
>> uidNumber: 1234567
>> to the DN of Administrator and use sssd or nslcd to extract the
>> information _directly_ from AD. Same on your remote client.
>>
>> There are Samba4 howtos for sssd and nslcd.
>
> After thinking about it, it doesn't seem that going via sssd will 
> solve any of the problems I've listed.
>
> I'll still need to setup id mapping so that incoming connections (SMB, 
> etc) get mapped to the correct user. So I'll still need all the id 
> mapping stuff.
>
> Or is Samba smart enough to recognize that 'michael' or 'MAIN+michael' 
> is the same as the system user 'michael' and just use the system 
> user's uid/gid/etc?
>

This is confusing me, (yes I know, it doesn't take much) when you say 
'system user' do you mean a Linux user that is found in /etc/passwd?
If the answer to that is yes, then I am sorry, you cannot have the same 
username as a local user and a domain user, but you can use a domain 
user as a local user by joining the linux machine to the domain.

Rowland
> What about the case where I don't have 'use default domain' turned on 
> and have multiple domains?
>
> M.
>