[Samba] winbind bug?
steve
steve at steve-ss.com
Thu Mar 27 09:24:37 MDT 2014
On Thu, 2014-03-27 at 07:40 -0700, Shane Robinson wrote:
> Am I wrong thinking the overlapping idmap ranges are (part of) the problem?
> Shane Robinson
Hi
Yes.
The ranges must not overlap AT ALL. Try:
idmap config * : backend = rid
idmap config * : range = 3000000 - 3100000
idmap config SEAS:backend = rid
idmap config SEAS:range = 1000 - 40000
idmap config SEAS-S:backend = rid
idmap config SEAS-S:range = 40001 - 50001
HTH
Steve
Oh, I'd really recommend using the ad backend with the uid values stored
in AD. That way, there are no algorithms and no separate database to get
in the way. If it's in the directory and you pull it from there (like
all other attributes) then it can nnly be one single value. On all DC's.
More information about the samba
mailing list