[Samba] [samba] Winbindd without RFC2307 question
Rowland Penny
rpenny at samba.org
Wed Jul 19 21:04:54 UTC 2017
On Wed, 19 Jul 2017 22:27:55 +0200
Emmanuel Blindauer via samba <samba at lists.samba.org> wrote:
> On 19/07/2017 16:54, mathias dufresne via samba wrote:
> > Thank you both for your replies. Unfortunately I will not be able
> > to use rfc2307 and then uidNumber and co until they modify their
> > AD. It would perhaps be done soon but for now, no real idea.
> >
> > So back to Rowland's proposition to use "rid" backend rather than
> > "ad" backend for idmap configuration.
> > To switch from "ad" to "rid" idmap backend I just changed :
> > idmap config CENTORIAL:backend = ad
> > into
> > idmap config CENTORIAL:backend = rid
> >
> > Then I reload everything with "smbcontrol all reload-config"
> >
> > To finally test all that with "id username" which wasn't working.
> >
> > I just restart the samba processes (systemctl restart blablabla)
> > and all went well.
> >
> > Thank you again :)
> >
> > Have a nice day all,
> >
> > mathias
> there is also a recent idmap_nss which can be a solution if you have
> another way to manage uidNumber while keeping cn=uid
>
The whole idea behind AD is to have a central store for users and
groups. Using idmap_nss will go back to the old way of doing things,
because you need users on the fileserver and in AD, if you have
multiple fileservers, you will need the user on all of them.
Rowland
More information about the samba
mailing list