[Samba] New ADC configuration
Ali Bendriss
ali.bendriss at gmail.com
Wed Jul 17 04:31:54 MDT 2013
On Tuesday, July 16, 2013 06:48:07 PM Matthew Daubenspeck wrote:
> On Tue, Jul 16, 2013 at 08:45:15PM +0200, Marc Muehlfeld wrote:
> > Did you clean up the tdb files on your member server? I could imagine,
> > that
> > Samba mixes the old and new domain in it's idmap cache. If it's a new
> > installation and nothing important in the member servers registry (like
> > print server printer settings), just remove the whole samba installation,
> > 'make install' again and rejoin.
>
> Well now I am out of ideas. I hosed both setups and started from
> scratch. Redid the provision with the proper rfc2307 added, and I have
> created test users and assigned them UIDs in ADUC. I can create groups
> and give them GIDs as well. I rejoined the member server, I can list all
> users, but I still get no results from id on the member server. What the
> heck could I be missing?
>
> Does the ADC server need special idmap config/ranges, etc as well?
Hello,
The last time I was having this kind of error, it was because I haven't setup
the gid number for the primary group for each users (domain users).
I ended changing the gid of domain users for something high (the default for
provision is 100) so my idmap range for idmap_ad doesn't have to go as lower
as 100. And then I gave all the users the new configured gid number.
it may be useful to run net cache flush on the member server while doing the
test.
you set idmap config NWLTECH:range = 500-40000
but the default gid for domain user is 100 so I think that you need to change
it (see above) or adapt your range.
regards,
--
Ali
More information about the samba
mailing list