[Samba] User disappears, when enabling RC2307
Lars Hanke
debian at lhanke.de
Fri Aug 8 05:13:00 MDT 2014
>>>> I'm trying to configure a Samba 3.6.6 file server running on a
>>>> Synology NAS to use uid/gid from RFC2307. The file server knows the
>>>> users from the AD, but it does not use the uid stored in the AD. The
>>>> smb.conf:
>>>>
>>>> [global]
>>>> printcap name=cups
>>>> winbind enum groups=yes
>>>> workgroup=AD
>>>> encrypt passwords=yes
>>>> security=ads
>>>> local master=no
>>>> realm=AD.MICROSULT.DE
>>>> passdb backend=smbpasswd
>>>> printing=cups
>>>> wins server=172.16.6.240
>>>> winbind enum users=yes
>>>> winbind use default domain=yes
>>>> #winbind nss info = rfc2307
>>>> idmap config AD: range = 1001 - 29999
>>>> idmap config AD: backend = ad
>>>> idmap config AD: schema_mode = rfc2307
>>>> idmap config *: range = 30000 - 50000
>>>> idmap config *: backend = tdb
>>>> load printers=yes
>>>> admin users=@AD\Domain Admins, at AD\Enterprise Admins
>>>>
>>>> This yields:
>>>>
>>>> DiskStation> id mgr
>>>> uid=2436891734(mgr) gid=2436891137(domain users)
>>>> groups=2436891137(domain users)
>>>>
>>>> But if I remove the # before "winbind nss info = rfc2307", the user
>>>> disappears. Of course wbinfo -u still has it, but 'id' says it is
>>>> unknown.
>>>>
>>>> Any idea how to resolve this?
>>>>
>>> Hi, the numbers that you posted (2436891137 for instance) are they the
>>> numbers stored in AD ? if so, they are slightly outside the range that
>>
>> No, the AD has 1001 for mgr. The other number was created by the NAS,
>> when I first attached it to the AD. smb.conf didn't have any RFC2307
>> entries then.
>>
>>> you have set in your smb.conf '30000 - 50000' (also the range should be
>>> set as 30000-50000, not as you have it).
>>>
>>> You also do not require this line:
>>> passdb backend=smbpasswd
>>
>> Right. It's from the original config. I removed it.
>>
> OK, try clearing the winbind cache on the NAS, 'net cache flush'
Tried that. No change.
DiskStation> net cache flush
DiskStation> id mgr
id: unknown user mgr
Regards,
- lars.
More information about the samba
mailing list