[Samba] centos 6.5 sernet-samba 4.1.6 member server winbind idmap fail

Lorenzo Faleschini lorenzo.faleschini at nordestsystems.com
Thu Apr 10 10:15:22 MDT 2014


I have

Domain Admins GID=10000
Domain Users GID=10001

Administator UID=10000
userx UID=10001

getent and wbinfo are working now (only if I call the users or groups 
that I've configured UNIX attributes for)
eg: getent group "MY\\Domain Admins" - works
       getent group - doesn't show anything

I've added to /etc/samba/smb.conf
username map = /etc/samba/samba_usermapping

and in /etc/samba/samba_usermapping
!root = DOMAINNAME\Administrator DOMAINNAME\administrator

as suggested by L.P.H. van Belle

Now my problem is that if I try to setup share permissions I can manage 
the share only if I leave "Full Control" to "Everyone".. and this is 
quite useless.

Lorenzo Faleschini
IT Manager @ Nord Est Systems srl
----------------------------------------
m: +39 335 6055225 | skype: falegalizeit

Il 10/04/2014 17:55, Rowland Penny ha scritto:
>
> Have you given 'Domain Users' a gidNumber and if so is that gidNumber 
> '100' ?
> If you are using '100' for your gidNumber, then it is below the range 
> you set in smb.conf and winbind will not pass this to getent and 
> therefore you get no domain users.
> If you have not added a gidnumber, then the same applies, windbind 
> will not pass this to getent and you get no domain users.
>
> Rowland



More information about the samba mailing list