[Samba] Winbind + SFU - was: Re: samba4 and sssd and user mapping

Björn JACKE bj at SerNet.DE
Wed Jan 29 13:41:19 MST 2014

On 2014-01-29 at 14:53 -0200 Márcio Merlone sent off:
> So I did it, no luck. Samba 4.1.4, sernet packages. winbind nss info
> = sfu made no diff:
> root at trusty:/home/dados# getent passwd marcio.merlone
> A1\marcio.merlone:*:1014:20313:Márcio Vogel Merlone dos
> Santos:/home/A1/marcio.merlone:/bin/false
> root at trusty:/home/dados#
> Shell and homedir should read:
> A1\marcio.merlone:*:1014:20313:Márcio Vogel Merlone dos
> Santos:/home/usuarios/marcio.merlone:/bin/bash
> I'm probably missing something on smb.conf:

something more generic ...

>     server role = active directory domain controller

remember the golden rule of thumb: a dc is a dc is a dc. no winbind needed and
no user logins here.  In one of the next samba versions it is planned to merge
the winbind 3 and the winbind 4, then you will be able to use all the features
of the winbind 3. you can set "idmap_ldb:use rfc2307 = yes" on the samba 4 DC
though. And before you shout out loud, yes, this is undocumented, see bug 9840.
Documentation patches are welcome :-)

But please follow the golden dc rule. the winbind nss info parameter will work
nice if you use it like we suggested, on a member server with the "classic"

SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
  ☎ +49-551-370000-0, ℻ +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen

More information about the samba mailing list