[Samba] NSLCD works, do I need RFC2307 extensions enabled in AD as well?
john
lists.john at gmail.com
Fri Apr 17 16:48:14 MDT 2015
Hello all,
I've just installed Samba 3.6.6 from the Debian Stable repo. I want to use
this linux box as a smb file server for windows clients.
I installed NSLCD to allow users in AD to authenticate against my linux
server per
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
getent passwd and getent group returns domain users with UID mappings like:
tempuser at vanguard.mydomain.org:*:16043:16043:temp
user:/home/VANGUARD/tempuser:/bin/bash
Those same users can log into the linux box with their domain credentials
via ssh and create files owned by them
However I can't figure out how to configure Samba to allow these same users
to access a samba file share via a windows 7 client. I thought that Samba
would check /etc/nsswitch.conf like other services and use ldap just like
ssh would.
the relevant part of my nsswitch.conf file looks like:
passwd: compat ldap
group: compat ldap
shadow: compat ldap
Do I need to install RFC2307 extensions per
https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC#Administer_Unix_Attributes_in_Active_Directory
and then add something like the following to my smb.conf file?
idmap config DOMAIN:backend = ad
winbind nss info = sfu
Any advice is appreciated!
Thanks!
John
More information about the samba
mailing list