[Samba] Member server - winbind unable to resolve users/groups
Luca Olivetti
luca at wetron.es
Sun Apr 5 06:10:25 MDT 2015
El 05/04/15 a les 11:57, Rowland Penny ha escrit:
>> dn: CN=Domain Users,CN=Users,DC=ads,DC=ccenter,DC=lan
>> objectSid: S-1-5-21-1031481445-3291699540-3997755762-513
>> gidNumber: 513
>>
>>
>
> I think that could very well be your problem, you have these lines in
> the smb.conf on your member server:
>
> idmap config CCENTER : backend = ad
> idmap config CCENTER : schema_mode = rfc2307
> idmap config CCENTER : range = 1000-50000
>
> What they mean is, use the winbind 'ad' backend with rfc2307 attributes
> and ignore any uidNumbers & gidNumbers that fall outside the range
> '1000-50000'
>
> '513' is less than '1000' so will be ignored, and as 'Domain Users' is
> the users primary group and must have a valid gidNumber, all users are
> ignored.
>
> Try this, give 'Domain Users' a larger gidNumber:
>
> ldbedit -e nano -H /var/lib/samba/private/sam.ldb '(cn=Domain Users)'
>
> Change 'gidNumber: 513'
>
> To 'gidNumber: 10513'
>
> Now try 'getent passwd domainuser'
Wouldn't it be better to simply change the range to 500-50000?
If he's like me, he'll have many hundreds gigabites of files with those
uids/gids
Bye
--
Luca Olivetti
Wetron Automation Technology http://www.wetron.es
Tel. +34 935883004 Fax +34 935883007
More information about the samba
mailing list