[Samba] Problem Groups GID Mappings
Rowland Penny
rpenny at samba.org
Fri Oct 21 17:08:27 UTC 2016
On Fri, 21 Oct 2016 16:59:07 +0000 (UTC)
Ricardo Pardim Claus via samba <samba at lists.samba.org> wrote:
> Dear,
> I have 2 DC's Samba4.4.5.
> I realize that there is a difference in mapping groups gid mappings.
> The /etc/nsswitch.conf are equal in DC's.
> I found difference in the smb.conf of DC's.
> The DC2 shows the name of winbind groups. The DC1 shows only the uid
> of the group / user. Could someone give me a hint?
>
>
> Smb.conf file DC1
>
>
> [global]
> interfaces = lo eth0
> netbios name = SRV14
> realm = DOMAIN.LOCAL
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbindd, ntp_signd, kcc, dnsupdate workgroup = DOMAIN
> server role = active directory domain controller
> comment =
> log file = /var/log/samba/samba.log
> log level = 1
> max log size = 10000
> idmap_ldb:use rfc2307 = yes
> winbind enum users = yes
> winbind enum groups = yes
> allow dns updates = secure only
> nsupdate command = /usr/bin/nsupdate -g
> client ldap sasl wrapping = sign
> ldap server require strong auth = no
> time server = yes
> # EVENT LOGGING
> eventlog list = Application System Security SyslogLinux
>
>
> [netlogon]
> path = /usr/local/samba/var/locks/sysvol/domain.local/scripts
> read only = No
>
> [sysvol]
> path = /usr/local/samba/var/locks/sysvol
> read only = No
>
>
>
> Smb.conf file DC2
>
> [global]
> bind interfaces only = Yes
> interfaces = lo eth0
> netbios name = SRV15
> realm = DOMAIN.LOCAL
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbindd, ntp_signd, kcc, dnsupdate workgroup = DOMAIN
> server role = active directory domain controller
> comment =
> log file = /var/log/samba/%m.log
> log level = 1
> max log size = 10000
> #
> winbind enum users = yes
> winbind enum groups = yes
> client ldap sasl wrapping = sign
> ldap server require strong auth = no
>
> [netlogon]
> path = /usr/local/samba/var/locks/sysvol/domain.local/scripts
> read only = No
>
> [sysvol]
> path = /usr/local/samba/var/locks/sysvol
> read only = No
>
Apart from DC2 not having this line:
idmap_ldb:use rfc2307 = yes
Both smb.conf files look ok.
Can you elaborate on your problem and show a few examples.
Rowland
More information about the samba
mailing list