[Samba] User disappears, when enabling RC2307
debian at lhanke.de
Sat Aug 9 03:29:59 MDT 2014
Am 08.08.2014 23:35, schrieb Rowland Penny:
> On 08/08/14 22:10, Lars Hanke wrote:
>>>> I copied the idmap entries from another client, which perfectly maps
>>>> the users:
>>>> root at nfs4:/# id mgr
>>>> uid=1001(mgr) gid=10000(domain_users)
>>>> Yes, the user has uid and uidNumber set properly.
>>> uid and uidNumber are different, uid is the users name, uidNumber is the
>>> users ID number, is this how you have them set ?
>> Understood. uid is identical to sAMAccountName, and uidNumber is 1001.
>> As said, it works nice on a second client.
>>> OK, you have added the users with their original ID numbers to AD, but
>>> have you
>>> a) removed all the users from /etc/passwd
>> They never existed on the NAS. There is no uid 1001 on the NAS. There
>> are however default users, which fall into the range, but do not clash
>> with any number existing in the AD. I'm not yet sure how to deal with
>> these default accounts.
> Just what default users? can you post the smb.conf from the NAS ?
There's a guest account and admin. Didn't analyze what these guys own in
the file system, so far. However, I tried on the working system to
define these users and it continued working. So their bare existence
winbind enum groups=yes
winbind enum users=yes
winbind use default domain=yes
winbind nss info = rfc2307
idmap config AD: range = 1001 - 29999
idmap config AD: backend = ad
idmap config AD: schema_mode = rfc2307
idmap config *: range = 30000 - 50000
idmap config *: backend = tdb
admin users=@AD\Domain Admins, at AD\Enterprise Admins
The rest is share definitions. 172.16.6.240 is the AD DC. The wins
server entry is probably obsolete, but adding it to the other config did
not make the users disappear.
>>> b) joined the NAS to the domain.
> Can you get to a terminal on the NAS, if so you could run 'net ads
DiskStation> net ads testjoin
Join is OK
So this item should be fine, I guess.
More information about the samba