[Samba] Samba 4.1.4 and winbind
Björn JACKE
bj at SerNet.DE
Sat Feb 1 14:32:19 MST 2014
On 2014-02-02 at 09:16 +1300 Brady, Mike sent off:
> but I vaguely remember that I found that 'getent group' doesn't
> return any of the AD groups if there is a (and there only needs to
> be one) group in AD that does not have a gidNumber assigned.
after you found out about that, do you vaguely remember where you reported that
thing in bugzilla?
Apart from that winbind enum users/groups only be used for testing purposes.
*Any* productive setup should have turned that parameter off (which is the
default). Winbind can cope with domains which contain thousands and millions of
users without a problem. Any nss module which would allow group or user
enumerations would doom itself and the DCs, too.
Björn
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
☎ +49-551-370000-0, ℻ +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20140201/2909aea3/attachment.pgp>
More information about the samba
mailing list