[Samba] [Solved] Samba 4 sudoers
Jeff Sadowski
jeff.sadowski at gmail.com
Mon May 2 13:55:08 UTC 2016
You either have to list the full group name in sudoers IE: DOMIN\groupname
or use the option "winbind use default domain = yes"
for one thing.
I'm not sure if you need enumeration but I like seeing domain users and
groups with getent so I have the options
winbind enum users = yes
winbind enum groups = yes
On Mon, May 2, 2016 at 6:11 AM, Sketch <smblist at rednsx.org> wrote:
> On Mon, 2 May 2016, Andrew Bartlett wrote:
>
> On Mon, 2016-05-02 at 07:44 +1000, John Gardeniers wrote:
>>
>>> Hi Andrew,
>>>
>>> Please elaborate, as we're about to put it on Samba 4.2. Thanks.
>>>
>>
>> Please don't use 4.2 with the sudo schema. At a client, we have seen
>> that cause database corruption when combined with multiple DCs,
>> specifically duplicate values in the database that sssd really didn't
>> like. It will also require you to run dbcheck from Samba 4.3 or later
>> before you can replicate with a Samba 4.3 DC.
>>
>
> Is this specific to 4.2? I am currently on 4.1 but planning to upgrade to
> 4.2 in the near future since 4.1 is no longer supported by anyone. I had
> previously installed the sudo schema on 4.1, but I was never able to get it
> to work. Maybe I should remove it before upgrading?
>
> BTW, I have seen occasional issues with replication of deleted entries
> that required me to manually go and delete them on the non-master DCs. Is
> this possibly related?
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list