[Samba] Winbind troubles
Rowland Penny
rowlandpenny at googlemail.com
Tue Jul 23 07:39:50 MDT 2013
Could this be yet another reason to use sssd instead of winbind?
sssd does use the account gidNumber
testuser
primaryGroupID: 513
uidNumber: 3001106
gidNumber: 20513
getent passwd testuser
testuser:*:3001106:20513:testuser:/home/DOMAIN/testuser:/bin/bash
Rowland
On 23 July 2013 13:54, Jonathan Buzzard <jonathan at buzzard.me.uk> wrote:
> On Tue, 2013-07-23 at 11:25 +0200, steve wrote:
> > On Tue, 2013-07-23 at 10:05 +0100, Jonathan Buzzard wrote:
> >
> > >
> > > It's probably still not working for him because he needs to clear the
> > > now poluted cache/database that winbind has created from previous
> > > attempts. Using net cache flush might work. Personally I would stop
> > > samba delete the tdb files and start it again, redo the domain join and
> > > try it.
> >
> > Just thought about nscd too. On some distros it's default. . .
>
> Another thought. The primary windows group of the account has to have
> unix attributes. For reasons I cannot fathom the gidNumber attribute of
> the account is not used by winbind and instead the primaryGroupID is
> used. If this group does not have a GID set then the lookup fails!
>
> I guess best practice is to keep the GID of the primaryGroupID and the
> gidNumber of the user the same but I don't understand why it is the way
> it is.
>
> JAB.
>
> --
> Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
> Fife, United Kingdom.
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list