[Samba] Security = ADS and uidnumbers

Rowland Penny rpenny at f2s.com
Wed Jun 5 06:30:35 MDT 2013 

Hi, I gave up on winbind, it is just too complicated and most, if not all,
of the webpages I found via google are incomplete or just down right wrong.

Why not try sssd, it just works, all you need to do is add uidNumbers to
your users, set up sssd and away you go, have a look here:
 http://linuxcostablanca.blogspot.co.uk/2013/04/sssd-in-samba-40.html


On 5 June 2013 13:15, Jim Potter <jimpotter at orange.net> wrote:

> Hi JAB
>
> I've tried this every whichway, including making ranges not overlap. It
> looks to me to depend on this line:
>
>  idmap config BECAUSE : range = 1000-8000
>
> If I add it, wbinfo <SID-ToUID option> for jingram gives a UID of 2338, but
> no getent passwd entry.
> If I remove it, getent passwd jingram gives a uidnumber in the  idmap
> config * : range =... range.
>
> I can't replicate the state of affairs I had in the first email where one
> user had the correct uidnumber - no users have the correct number now.
>
> Does it make any difference that the BECAUSE domain trusts another domain?
>
> I've tried it on samba4 as well now.
>
> what goes on? Does anyone have this setup working? If anyone could send me
> a complete smb.conf that works for them, I could start narrowing down where
> the problem is here.
>
> cheers
>
> Jim
>
>
> On 4 June 2013 13:57, Jonathan Buzzard <jonathan at buzzard.me.uk> wrote:
>
> > On Tue, 2013-06-04 at 13:20 +0100, Jim Potter wrote:
> >
> > [SNIP]
> >
> > >         idmap config * : base_rid = 0
> > >         idmap config * : backend = tdb
> > >         idmap config * : range = 1000 - 60000
> > >
> > > #       idmap config BECAUSE : default = yes
> > > #       idmap config BECAUSE : backend  = ad
> > > #       idmap config BECAUSE : schema_mode = rfc2307
> > > #       idmap config BECAUSE : range    = 1000-8000
> > > #       idmap config BECAUSE : cache time = 1800
> > > ###     idmap alloc config:range = 5000-9999
> >
> > Two backends with overlapping ranges, won't work. The ranges *must* be
> > orthogonal.
> >
> > JAB.
> >
> > --
> > Jonathan A. Buzzard                 Email: jonathan (at) buzzard.me.uk
> > Fife, United Kingdom.
> >
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list