[Samba] BUILTIN not mapping on DC
steve
steve at steve-ss.com
Wed Apr 30 02:32:02 MDT 2014
On Wed, 2014-04-30 at 00:56 +0200, Achim Gottinger wrote:
> Am 30.04.2014 00:53, schrieb Achim Gottinger:
> >
> >>> On a sidenote i noticed roland and you seem to use the idmap_ad
> >>> backend on ADDC's. I did not configure the backend after classic
> >>> upgrade provisioning and use the default idmap_tdb.
> >> The reason that I use the ad backend is to use the uidNumber's &
> >> gidNumber's stored in ad, I find it easier to store all my users in
> >> the same place.
> > Ok, so the difference is that with the tdb backend i get mappings for
> > all users in idmap.ldb and with the ad backend only for those without
> > ldap objects.
> > Thank you and steve for the explanation.
> >
> > achim~
> >
> Wrong, idmap.ldb also must holt mappings for users with ldap objects but
> without uidNumbers.
You already know that it has to be used for groups which must act both
as a group and as a user such as the BUILTIN groups who have to write to
sysvol. We don't have anything like that in Linux.
HTH
Steve
More information about the samba
mailing list