[Samba] Winbind troubles
L.P.H. van Belle
belle at bazuin.nl
Tue Jul 23 01:40:50 MDT 2013
I'm having exactly the same problem with winbind as Matthew Daubenspeck.
also on ubuntu 12.04 with sernet packages. ( used sernet-samba-winbind 4.0.7 )
I remove the complete config atm but am at the point reinstalling now.
I'll wait with that until you put you howto on.
i cant loose the rfc2307 :-(
and i cant lose control over uidNumber, gidNumber, home directories and login shells.
and im adding a second DC later on, but whats the difference between RID and AD exactly.
or just these 4 things?
I'll go try the sssd as suggested below on ubuntu 12.04.
>Van: rowlandpenny at googlemail.com
>[mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>Verzonden: maandag 22 juli 2013 23:45
>CC: samba at lists.samba.org
>Onderwerp: Re: [Samba] Winbind troubles
>If you want my opinion, this is just another example of why not to use
>winbind, if you can wait until tomorrow , I will send you an
>howto on sssd
>on Ubuntu 12.04
>On Jul 22, 2013 10:36 PM, "steve" <steve at steve-ss.com> wrote:
>> On Mon, 2013-07-22 at 17:29 -0400, Matthew Daubenspeck wrote:
>> > On Mon, Jul 22, 2013 at 10:15:10PM +0100, Rowland Penny wrote:
>> > > OK, that seems like it should work, I had the winbind
>> > > working, but found it difficult to setup so jumped
>ship to sssd
>> > > The idmap setup I used was:
>> > > idmap config *:backend = tdb
>> > > idmap config *:range = 1100-2000
>> > > idmap config DOMAIN:backend = ad
>> > > idmap config DOMAIN:schema_mode = rfc2307
>> > > idmap config DOMAIN:range = 10000-3100000
>> > > As you can see the number ranges are the opposite way
>round to what
>> > > have i.e. config*:range is lower than DOMAIN:range
>> > > You could also try (as a test) changing backend = ad
>to backend =
>> > > this will ignore the rfc2307 bit but will test the
>connect to the AD
>> > > server.
>> > > Rowland
>> > Changing the above ranges made no difference. However,
>> > = rid gets me:
>> > root at srv2:~# getent passwd administrator
>> > That seems to be working perfectly. What would I be losing without
>> > rfc2307 (please excuse the ignorance)?
>> You'd lose control over uidNumber, gidNumber and you
>wouldn't be able to
>> specify your own home directories and login shells. It's also a
>> nightmare if you add a second DC.
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>To unsubscribe from this list go to the following URL and read the
More information about the samba