[Samba] Samba3 capable of AD auth. without matching Linux users?
swehack at gmail.com
Sun Jun 23 23:11:23 MDT 2013
Thanks Marc. In fact the localhost was just a precaution and I was never
sure of it, I even tried resolving localhost to make sure it worked after I
made the change.
I will test idmap backend ad later, because I think what made it all work
for me was setting up NSS. Now that NSS is setup I can even run id ad-user
in the cli and get all the information from AD. So it seems more integrated
now and I have a better understanding of NSS.
I was under the impression that rid converted the SIDs into valid UIDs and
GIDs. But if I am, as now, only needing it for authentication and now for
IO to the FS then I should logically not require the local UIDs/GIDs.
2013/6/23 Marc Muehlfeld <samba at marc-muehlfeld.de>
> Hello Stefan,
> Am 23.06.2013 22:44, schrieb Stefan Midjich:
> I eventually got it working with the following configuration, in case any
>> googlers find it helpful.
>> I wrote it all down here on this wiki
>> http://wiki.sydit.se/teknik:**ad_autentisering_foer_cifs_**med_samba<http://wiki.sydit.se/teknik:ad_autentisering_foer_cifs_med_samba>Just so I
>> would not forget until tomorrow. :)
> I haven't fully compared, but isn't it widely the same like here:
> Is there a reason, why you use Idmap backend rid and don't take the UIDs
> from AD?
> I don't understand swedish and what you wrote in the sentence before, but
> I think setting
> 127.0.0.1 webb01.domain.local webb01
> could maybe make problems somewhere sometime. 127.0.0.1 should be better
> resolved to localhost. If some program resolves "webb01" /etc/hosts would
> return 127.0.0.1 instead of the IP of your NIC.
Hälsningar / Greetings
More information about the samba