[Samba] winbindd 4.1.7 resolves group memberships for all but primary group
Sven Schwedas
sven.schwedas at tao.at
Wed May 28 04:12:40 MDT 2014
We're using a bunch of AD groups – all users/groups are created and
managed with ADUC. Domain Users is the primary group for all users, plus
a few for our departments (and Domain Admins). All groups have their
posixGroup attributes filled out.
wbinfo --group-info and getent group show the correct membership for all
groups except Domain Users.
smb.conf: http://pastebin.com/ymrXZJ5u
Already tried with winbind nss info = sfu, no improvement.
LDAP excerpt (members pruned) for Domain Users:
http://pastebin.com/3ysX0S7C
LDAP excerpt for Domain Admins:
http://pastebin.com/vYTu70dV
The only difference I can see is the member field. ADUC apparently
doesn't explicitly set it for the primary group (and doesn't allow me to
set it manually), it only sets memberUid and msSFU30PosixMember (which
are both ignored by winbindd). Is there some way I can make winbindd use
the correct field, or is there a configuration problem somewhere else?
--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167
http://software.tao.at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20140528/6c9a233f/attachment.pgp>
More information about the samba
mailing list