[Samba] idmap weirdness - wildcard values being used instead of rfc2307 AD values
Doug Meredith
doug.meredith at skyridge.com
Thu Oct 30 05:29:16 MDT 2014
I've done a lot of research on this and haven't been able to solve the
problem. Hopefully someone here has a better understanding of this than I
do.
The problem is that the UIDs and GIDs are not being fetched from AD. For
example "getent passwd doug" returns:
doug:*:70003:70005:Doug Meredith:/home/DSTRC/doug:/bin/false
My full name has correctly been pulled from AD but the UID specified in AD
is 20001 and the group is 10000. The values shown above are obviously
coming from the wildcard idmap specified in my smb.conf, but I'm at a loss
as to why. This occurs for all users and all groups.
Platform is FreeBSD 10 and I'm using Samba 4.1.13. Full smb.conf is
bellow. Any help would be very much appreciated.
[global]
workgroup = DSTRC
security = ADS
realm = DSTRC.ORG
encrypt passwords = yes
idmap config *:backend = tdb
idmap config *:range = 70001-80000
idmap config DSTRC:backend = ad
idmap config DSTRC:schema_mode = rfc2307
idmap config DSTRC:range = 500-40000
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
vfs objects = zfsacl
map acl inherit = Yes
store dos attributes = Yes
printcap name = /dev/null
load printers = no
disable spoolss = yes
printing = bsd
[media]]
path = /pool1/media
comment = Movies, TV and music
read only = no
More information about the samba
mailing list