[Samba] Samba domain member and rfc2307 user IDs
Kevin Davidson
kevin at indigospring.co.uk
Mon Jul 25 15:02:46 UTC 2016
Having problems with rfc2307 user ids. This was working briefly and now it’s not.
samba and winbind v 2.4.2.10+dfs
wbinfo -u lists all the domain users
wbinfo -g lists all the domain groups
getent group lists all the local groups and the AD domain groups that have a UNIX gid set
getent passwd lists only the local users, then pauses for a moment, then nothing. AD users can’t log in and can’t access any shares being shared from the server.
The domain user UNIX user IDs are all in the range 1001 - 2000 and need to match up with other servers using the same UIDs.
This is from smb.conf on the domain server:
[global]
netbios name = TERRA
workgroup = DOMAIN
security = ADS
realm = OFFICE.DOMAIN.COM
encrypt passwords = yes
idmap config DOMAIN:backend = ad
idmap config DOMAIN:schema_mode = rfc2307
idmap config DOMAIN:range = 1001-60000
idmap config DOMAIN:default = yes
idmap config *:backend = tdb
idmap config *:range = 60001-9999999
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
What have I done wrong?
Kevin Davidson
Apple Certified System Administrator
Technical Director
t 01506 668674
m 07813 149620
w www.indigospring.co.uk
indigospring (Scotland) Ltd
Registered in Scotland No. SC398572
Registered office: 103 Oldwood Place, Livingston EH54 6US
Follow us on Twitter - twitter.com/indigospringIT <http://twitter.com/indigospringIT>
Members of the Apple Consultants Network - consultants.apple.com/uk <http://consultants.apple.com/uk>
http://www.indigospring.co.uk/terms-and-conditions
More information about the samba
mailing list