[Samba] Shares not accessible when using FQDN
Rowland Penny
rpenny at samba.org
Wed Aug 30 09:56:46 UTC 2017
On Wed, 30 Aug 2017 11:25:04 +0200 (CEST)
Gaetan SLONGO <gslongo at it-optics.com> wrote:
> Rowland,
>
>
> Yes, I mean uidNumber and gidNumber.
> I'm aware I need to work with AD but at this time I need my unix IDs
> (on NSS) to keep services working. Not only for files ownership, but
> also for some other services. Yeah, that's complex... If I undestand
> well, the best way to do is to join the server using "net ads join"
> and use nss_winbind. This what I do but I only use the NSS LDAP
> backend instead of NSS (to keep correct ownership). This will be
> cleaned in the future (within next migration steps) but for now I
> think I have no other choice beacause it seems I cannot obtain unix
> IDs through Winbind on a domain member (or maybe I missed the
> solution??).
>
>
If you have users in AD and if you examine a typical users object in AD
and have something like this:
uidNumber: 10000
Then yes, I would say that you have missed the solution, this is from a
Unix domain member using the winbind 'ad' backend:
getent passwd rowland
rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash
^
Notice this |
I wonder where that comes from ?
Oh I know 'uidNumber: 10000' ;-)
I think your problem may be a very common one, the 'Domain Users' group
in AD hasn't got a gidNumber attribute, if it has, then you haven't set
smb.conf up correctly, in which case post your smb.conf
Rowland
More information about the samba
mailing list