[Samba] winbind bug?
Rowland Penny
rowlandpenny at googlemail.com
Thu Mar 27 13:06:52 MDT 2014
On 27/03/14 18:50, Doug Tucker wrote:
>
>>>>
>>> We populate /etc/passwd and /etc/group with the unix account
>>> information with password stripped out. This is how it maps the
>>> domain account through the domain user map directive for the unix
>>> username/id/homedir/shell.
>> I thought so, you cannot have a local user or group that is also in
>> AD, I suggest you remove them from the linux machine.
>>
>> Rowland
>>
> Rowland, that ignores the fact that all of my users other than this
> select group (5% maybe) on a certain client are working and working
> just fine. Those same failing users work on windows XP and linux
> cifs. And to shares even on win7 where the access is controlled via
> unix gid.
>
> Further, removing those entries samba will have no idea what the unix
> id is to create a mapping, the path to the home directory.
When a user connects, /etc/nsswitch.conf is consulted, this will have
lines for passwd & group, yours will (I presume) look something like this:
passwd: compat winbind
group: compat winbind
What this means is, the the first place to look for a user is
/etc/passwd and if the user exists there, then that info is used, what I
think is happening is that your windows 7 user does not exist there, or
more likely is there, but with a different ID number.
I will repeat, you cannot have users both in /etc/passwd and AD, if you
want to have users use different home directory paths, look into using
RFC2307 attributes.
Rowland
More information about the samba
mailing list