[Samba] Domain member (2k8R2) server, problem mapping Kerberos/NSS users
mail at eliasprobst.eu
Tue Jul 22 10:14:44 MDT 2014
On 07/22/2014 03:42 AM, George wrote:
> My setup is exactly like what you are trying to achieve. I use sssd to
> keep the Unix mapping consistent on every server (works great, getent
> passwd is consistent everywhere). Still, on member servers I had to
> configure winbind nss idmap properly, otherwise I was not able to
> properly set permissions on the shares.
Could you provide your winbind config or even your whole [global] section?
I tried it now _with_ winbind but was still running into the "Failed to
map kerberos principal to system user (NT_STATUS_LOGON_FAILURE)" error,
so having a working config to use as "template" would be very helpful.
Besides that, I was also experimenting with SSSD 1.12.0 which has now
support for SID mapping via libcifsidmap (cifs-utils) according to its
As I ran into some build issues on Ubuntu 14.04 I might have to postpone
this experiments for now…
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 884 bytes
Desc: OpenPGP digital signature
More information about the samba