[Samba] Winbind does not read uidNumber
steve
steve at steve-ss.com
Mon Jun 30 03:04:34 MDT 2014
On Mon, 2014-06-30 at 09:56 +0200, Lars Hanke wrote:
> Working through the fresh checklist:
>
> 1. DC smb.conf:
>
> my smb.conf also has "idmap_ldb:use rfc2307 = yes" and was provisioned
> with rfc2307. Is this a killer?
No, unless you wish to use the builtin winbind in samba.
>
> 2. Client smb.conf:
>
> looks good
>
> 3. Database check:
>
> no gidNumber here, add gidNumber: 10000
>
> retried on the client, still no users
No. This is not within your domain range.
>
> 4. check for local user
>
> getent passwd | grep -i mgr has no hits on either machine. But to check
> for local entries probably
>
> grep -i user /etc/passwd
>
> is more appropriate.
However you wish. Just make sure there is a unique domain user.
>
> 5. uid and gid for the user entry
>
> looks nice:
>
> root at samba:/# ldbsearch -H /srv/files/private/sam.ldb sAMAccountName=mgr
> uid uidNumber gidNumber
> # record 1
> dn: CN=Lars LH. Hanke,CN=Users,DC=ad,DC=microsult,DC=de
> uid: mgr
> uidNumber: 1001
> gidNumber: 1999
Contradicts with what you have for (3)
>
> 5. keytab (double numbering!)
>
> klist -k doesn't work, since Heimdal klist has no option -k. This is MIT
> syntax, if I recall correctly.
OK. Remove the keytab and recreate it.
More information about the samba
mailing list