[Samba] Join Samba4 in a Samba4 AD
DarkZad
darkzad at yahoo.com.br
Sat Nov 9 07:22:51 MST 2013
I changed the setting to TUDOR idmap config: backend = rid and it worked
perfectly.
But using idmap config TUDOR: backend = rid can give a problem?
Thank you for your help.
In fileserve I run
wbinfo -i marcelo
marcelo:*:83726:80514:marcelo:/home/TUDOR/marcelo:/bin/false
Thansk a lot.
Em 09-11-2013 12:13, Rowland Penny escreveu:
> On 09/11/13 14:00, DarkZad wrote:
>>
>> saida do ldapsearch
>>
>> # extended LDIF
>> #
>> # LDAPv3
>> # base <DC=tudor,DC=local> with scope subtree
>> # filter: cn=marcelo
>> # requesting: ALL
>> #
>>
>> # marcelo, Users, tudor.local
>> dn: CN=marcelo,CN=Users,DC=tudor,DC=local
>> objectClass: top
>> objectClass: person
>> objectClass: organizationalPerson
>> objectClass: user
>> cn: marcelo
>> instanceType: 4
>> whenCreated: 20131109130551.0Z
>> whenChanged: 20131109130551.0Z
>> uSNCreated: 4860
>> name: marcelo
>> objectGUID:: V8qCGb8KwEqTB0SuaABscw==
>> badPwdCount: 0
>> codePage: 0
>> countryCode: 0
>> badPasswordTime: 0
>> lastLogoff: 0
>> lastLogon: 0
>> primaryGroupID: 513
>> objectSid:: AQUAAAAAAAUVAAAACJ+1yPvM4+uH+r6wjQ4AAA==
>> accountExpires: 9223372036854775807
>> logonCount: 0
>> sAMAccountName: marcelo
>> sAMAccountType: 805306368
>> userPrincipalName: marcelo at tudor.local
>> objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=tudor,DC=local
>> pwdLastSet: 130284759510000000
>> userAccountControl: 512
>> uSNChanged: 4862
>> distinguishedName: CN=marcelo,CN=Users,DC=tudor,DC=local
>>
>
> This is a standard windows user, I was expecting to see something like
> this:
>
> # rowland, Users, example.com
> dn: CN=rowland,CN=Users,DC=example,DC=com
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> cn: rowland
> instanceType: 4
> whenCreated: 20131102133901.0Z
> uSNCreated: 3774
> name: rowland
> objectGUID:: y2W7zOeov0G0OhEc8WjPog==
> badPwdCount: 0
> codePage: 0
> countryCode: 0
> badPasswordTime: 0
> lastLogoff: 0
> lastLogon: 0
> primaryGroupID: 513
> objectSid:: AQUAAAAAAAUVAAAAk3pjaDgNdKQkIvrkTwQAAA==
> logonCount: 0
> sAMAccountName: rowland
> sAMAccountType: 805306368
> userPrincipalName: rowland at example.com
> objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=example,DC=com
> pwdLastSet: 130278731410000000
> userAccountControl: 66048
> accountExpires: 0
> givenName: Rowland
> sn: Penny
> displayName: Rowland Penny
> homeDrive: H:
> msSFU30NisDomain: example
> msSFU30Name: rowland
> uidNumber: 10000
> gidNumber: 100
> loginShell: /bin/bash
> unixHomeDirectory: /home/rowland
> uid: rowland
> memberOf: CN=testgroup1,CN=Users,DC=example,DC=com
> telephoneNumber: 01200422623
> description: A Unix user
> whenChanged: 20131106173618.0Z
> uSNChanged: 3841
> distinguishedName: CN=rowland,CN=Users,DC=example,DC=com
>
> Ignore most of it, the things to focus on are:
>
> uidNumber: 10000
> gidNumber: 100
> loginShell: /bin/bash
> unixHomeDirectory: /home/rowland
>
> This is the information that winbind with the 'ad' backend pulls and
> uses, your user does not have this and without this, wbinfo -i will
> not work. You could try changing 'idmap config TUDOR:backend = ad' to
> ' idmap config TUDOR:backend = rid' but if you do, never connect
> directly to any shares on the samba 4 server.
>
> Rowland
>
More information about the samba
mailing list