[Samba] New ADC configuration
Matthew Daubenspeck
matt at oddprocess.org
Wed Jul 17 12:49:03 MDT 2013
On Wed, Jul 17, 2013 at 12:31:54PM +0200, Ali Bendriss wrote:
> The last time I was having this kind of error, it was because I haven't
> setup the gid number for the primary group for each users (domain
> users).
>
> I ended changing the gid of domain users for something high (the
> default for provision is 100) so my idmap range for idmap_ad doesn't
> have to go as lower as 100. And then I gave all the users the new
> configured gid number.
>
> it may be useful to run net cache flush on the member server while
> doing the test.
>
> you set idmap config NWLTECH:range = 500-40000
>
> but the default gid for domain user is 100 so I think that you need to
> change it (see above) or adapt your range.
The last thing it has to be is something with Arch Linux. I removed all
their samba packages and rolled from source and it does the EXACT same
thing. I then fired up a quick and dirty Ubuntu LTS VM, installed some
samba 4.0.6 packages from a PPA, and it worked. First try. I didn't even
have to set uid/gid numbers for the users. getent passwd displays all
domain users and:
$ id testuser3
uid=70009(testuser3) gid=70001(domain users) groups=70001(domain
users),70012(BUILTIN\users)
grabs all the info properly and gives them proper uid/gid as per the
ranges in smb.conf. I guess I'll rework everything with Ubuntu, although
I'm not overly crazy about using older packages. But if it works, whom
am I to argue? I don't know what else could possibly be wrong with
Arch.
Do users created still need a uid/gid added in the UNIX Attributes tab?
Thanks a ton to everyone that offered help, I really appreciate the
effort.
More information about the samba
mailing list