[Samba] Samba 4.1.17-Debian as ADS member
Stefan G. Weichinger
lists at xunil.at
Wed Feb 24 11:49:31 UTC 2016
I lose track here and I have to fix this as users get angry (we all know
that ...)
debian 8.3, samba 4.1.17
(substituted customer name by "CUST" below ...)
[global]
workgroup = CUST
realm = MABC.CUST
security = ADS
map untrusted to domain = Yes
load printers = No
printcap name = /dev/null
disable spoolss = Yes
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
idmap config CUST:range = 10000-99999
idmap config CUST:backend = ad
idmap config *:range = 2000-9999
idmap config * : backend = tdb
correct?
# /etc/nsswitch.conf
passwd: compat winbind
group: compat winbind
shadow: compat
----
I have correct time.
I have a valid join:
# net ads testjoin
Join is OK
# wbinfo -t
checking the trust secret for domain CUST via RPC calls succeeded
I get users and groups via "wbinfo -[ug]".
1) smbstatus displays "-1" for Username and Group *sometimes* ... why?
2) right now I don't get ADS-users/groups via getent.
3) in turn I only see UIDs and GIDs in the linux filesystem, no
ADS-user/group-names.
-
please help me to get that correct at last ... thanks
More information about the samba
mailing list