[Samba] winbind bug?
tuckerd at lyle.smu.edu
Fri Mar 28 08:01:23 MDT 2014
Appreciate everyone's help on this. Much thanks to Rowland and
Jonathan. I had not installed a "new" instance since 2008 it turns out
(and I've probably logged into this instance 5 times the whole time it
has been up), and this major shift really bit me. Or rather, the fact
that the darn thing just simply worked when apparently it shouldn't have
bit me. I read the man pages in the security/domain section again and I
may be blind (or not understanding the terminology again) but I still
don't see where it says to do this though I accept the knowledge of this
group that it is fact. After going through this...wow... I think right
there in every document ever written there should be a disclaimer in all
caps and in bold where if you set security to be ads, YOU MUST PUT YOUR
UNIX ATTRIBUTES IN THE AD. That would have saved me an entire week.
Again, thanks to all!
On 03/28/2014 07:37 AM, steve wrote:
> On Thu, 2014-03-27 at 20:22 +0000, Rowland Penny wrote:
>> Do you have access to the Windows server ? if you do, give all your
>> users and groups the required RFC2307 attributes. You can do this using
>> ADUC provided that it is showing the UNIX Attributes tab for users &
>> groups. You can then pull these attributes with winbind, nlscd or sssd
>> on the linux machine, your problem will then go away.
> As already suggested, this would solve all your problems, forever. Your
> windows admin simply needs to extend the schema:
More information about the samba