[Samba] samba 4 userid mapping
steve
steve at steve-ss.com
Sun Jul 28 15:46:53 MDT 2013
On Tue, 2013-07-09 at 18:22 -0700, Nick B wrote:
Hi
None of this works on a s4 DC
>
> # Setup user maps
>
> idmap config * : backend = tdb
>
> idmap config * : range = 100000-199999
>
> idmap config MYDOMAIN : backend = ad
>
> idmap config MYDOMAIN : schema_mode = rfc2307
>
> idmap config MYDOMAIN : range = 50000-99999
>
> winbind nss info = rfc2307
>
> winbind trusted domains only = No
>
> winbind use default domain = Yes
>
> winbind enum users = Yes
>
> winbind enum groups = Yes
replace it with this:
idmap_ldb use:rfc2307 = Yes
make the winbind links:
ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so
ln -s libnss_winbind.so /lib64/libnss_winbind.so.2
and the nss stuff in /etc/nsswitch.conf:
passwd: files winbind
group: files winbind
Now add the uidNumber and gidNumber attributes to the user or group DN
in AD. YOu can use ldbmodify or ldbedit for that. If you are brave, you
can build the master and use samba-tool add the attributes when you
create the user.
Note: if you want the whole of rfc2307 as your smb.conf suggests, then
use sssd and forget about winbind.
HTH
Steve
More information about the samba
mailing list