[Samba] Samba 4, winbind and Active Directory integration Microsoft Windows Services for UNIX

Markert, Martin MMarkert at arri.de
Fri Feb 27 07:04:38 MST 2015 

Hi,
I've successfully configure idmap_rid to read id mappings from our AD servers:

        winbind enum users = Yes
        winbind enum groups = Yes
        winbind use default domain = Yes
        winbind nested groups = Yes
        winbind separator = +
        winbind offline logon = false
        idmap config *:backend = rid
        idmap config *:range = 50000-99999
        idmap config *:schema_mode = rfc2307

But when I configure idmap_ad  I'm not able to get the uidNumber and gidNumber from the AD servers:

        winbind enum users = Yes
        winbind enum groups = Yes
        winbind use default domain = Yes
        winbind nested groups = Yes
        winbind separator = +
        winbind offline logon = false
        idmap config ARRI:backend = ad
        idmap config ARRI:range = 1000-999999
        idmap config ARRI:schema_mode = rfc2307

[root at supermdc ~]# id schafha
uid=4294967295 gid=4294967295 groups=4294967295

This user "schafha" actually has a uidNumber 10000 and gidNumber 10000. Changing "idmap config ARRI" to "idmap config *" does not help:

[root at supermdc ~]# id schafha
id: markert1: No such user

Setup:
AD: Windows Server 2008 RC2 with Windows Services for UNIX
AD member: CentOS 6.6, sernet-samba-4.1.14-9

Please note: not all users and groups listed in AD have got a uidNumber and gidNumber? Is this a problem?

Kind regards,
Martin


Martin Markert
Systems Integrator
 

Tuerkenstr. 89, 80799 München / Germany
Phone +49 89 3809-1848

EMail MMarkert at arri.de

  Visit us on Facebook!________________________________
 [http://www.arricommercial.de/wp-content/uploads/2015/02/2015-02-25-ARRI-Media_E-mail-Signatur_Oscar.jpg] <http://www.arri.de/filmtv>

Get all the latest information from www.arri.de/filmtv<http://www.arri.de/filmtv>, Facebook<https://www.facebook.com/pages/ARRI-Film-TV/117731121606986?fref=ts>

ARRI Film & TV Services GmbH
Sitz: München - Registergericht: Amtsgericht München
Handelsregisternummer: HRB 69396
Geschäftsführer: Franz Kraus; Dr. Jörg Pohlman; Josef Reidinger

More information about the samba mailing list