[Samba] idmap config / Is it necessary in my smb.conf file?
lp101
lingpanda101 at gmail.com
Tue May 6 12:22:31 MDT 2014
Thank you. Can you maybe clarify this sentence from the wiki(Setup A
Samba AD Member Server).
"For all non-domain accounts (like the local Administrator, etc.) the
mappings are stored with this configuration in a local TDB file and the
IDs are taken from the given range. The local range must not overlap
with the one specified for your domain! "
Am I defining the local accounts with this line?
idmap config *:range = 70001 - 80000
And Domain accounts with this line?
idmap config SAMDOM:range = 500-40000
Should I use these default ranges or can you point me in the direction
to read more about these values? Thanks.
On 5/6/2014 12:36 PM, Michael Adam wrote:
> On 2014-05-06 at 10:44 -0400, lp101 wrote:
>> I have a bit more clarity after reading the link I posted. If
>> I'm correct I only need to define these settings on the member
>> server? This way the member server can translate the Windows SIDs
>> (from the Domain Controllers) to UID/GIDs (on the member server).
>> Correct?
> Correct. Currently only the member server running the external
> winbindd daemon understands these settings.
>
> For the AD/DC setup, these won't have any effect.
>
> Cheers - Michael
>
>> -James
>>
>> On 5/5/2014 3:55 PM, lp101 wrote:
>>> I'm unclear on exactly if I need this in my smb.conf file. I've
>>> provisioned my domain with --use-rfc2307 but did not do any
>>> further mapping of UID and GUID in my smb.conf file. I'm currently
>>> running 6 Samba4 DC's and am in the process of adding member
>>> servers for file sharing. Following the wiki for AD Member Server
>>> setup I'm asked to enter idmap config data in my smb.conf file.
>>> This is what spawned this question. Must I go back to my DC's and
>>> enter this info prior to setup of the member server and join? T
>>>
>>> idmap config *:backend = tdb
>>> idmap config *:range = 70001-80000
>>> idmap config SAMDOM:backend = ad
>>> idmap config SAMDOM:schema_mode = rfc2307
>>> idmap config SAMDOM:range = 500-40000
>>>
>>>
>>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list