[Samba] idmap & migration to rfc2307
buhorojo
buhorojo.lcb at gmail.com
Thu Jun 11 16:18:08 MDT 2015
On 11/06/15 19:21, Jonathan Hunter wrote:
> sfully
> # service samba4 start
>
> I have been allocating a UID for users, and a GID for groups, via RSAT
> ADUC; that's it - just used the next number in sequence. For users, I
> have been setting the primary group to "Domain Users" (which has had a
> GID allocated via ADUC)
>
> On DC2 (which nobody logs in to interactively), no issues.
>
> On DC1 (which has files and people log in to via ssh), I have issues.
The idmap db will only be consulted if the object does not have either a
uidNumber or gidNumber attribute. The easiest way to stop the pain is to:
1. make sure that your users have the two attributes
2. remove the idmap line in smb.conf
3. kill winbindd
4. consult nss information directly from your unique ad database using sssd
HTH
More information about the samba
mailing list