[Samba] User disappears, when enabling RC2307
Lars Hanke
debian at lhanke.de
Fri Aug 8 04:11:35 MDT 2014
Am 08.08.2014 11:24, schrieb Rowland Penny:
> On 08/08/14 10:04, Lars Hanke wrote:
>> I'm trying to configure a Samba 3.6.6 file server running on a
>> Synology NAS to use uid/gid from RFC2307. The file server knows the
>> users from the AD, but it does not use the uid stored in the AD. The
>> smb.conf:
>>
>> [global]
>> printcap name=cups
>> winbind enum groups=yes
>> workgroup=AD
>> encrypt passwords=yes
>> security=ads
>> local master=no
>> realm=AD.MICROSULT.DE
>> passdb backend=smbpasswd
>> printing=cups
>> wins server=172.16.6.240
>> winbind enum users=yes
>> winbind use default domain=yes
>> #winbind nss info = rfc2307
>> idmap config AD: range = 1001 - 29999
>> idmap config AD: backend = ad
>> idmap config AD: schema_mode = rfc2307
>> idmap config *: range = 30000 - 50000
>> idmap config *: backend = tdb
>> load printers=yes
>> admin users=@AD\Domain Admins, at AD\Enterprise Admins
>>
>> This yields:
>>
>> DiskStation> id mgr
>> uid=2436891734(mgr) gid=2436891137(domain users)
>> groups=2436891137(domain users)
>>
>> But if I remove the # before "winbind nss info = rfc2307", the user
>> disappears. Of course wbinfo -u still has it, but 'id' says it is
>> unknown.
>>
>> Any idea how to resolve this?
>>
>> Kind regards,
>> - lars.
> Hi, the numbers that you posted (2436891137 for instance) are they the
> numbers stored in AD ? if so, they are slightly outside the range that
No, the AD has 1001 for mgr. The other number was created by the NAS,
when I first attached it to the AD. smb.conf didn't have any RFC2307
entries then.
> you have set in your smb.conf '30000 - 50000' (also the range should be
> set as 30000-50000, not as you have it).
>
> You also do not require this line:
> passdb backend=smbpasswd
Right. It's from the original config. I removed it.
Kind regards,
- lars.
More information about the samba
mailing list