[Samba] Samba 4.6.5-Debian, authentication on a mix workgroup+domain
Marc-Henri Pamiseux
marc-henri.pamiseux at libricks.org
Mon Jul 31 09:38:23 UTC 2017
Hi Louis,
Do the default idmap values must precede the idmap values of the
MYDOMAIN domain? May I write something like:
Idmap config *: backend = tdb
Idmap config *: range = 65000-65535
Idmap config MYDOMAIN: backend = ad
Idmap config MYDOMAIN: range = 500-3999
I think there is a problemn using user nobody as guest account while
nobody's id is 65534.
I think there is a problem in using nobody for the guest account
directive while its user ID is 65534.
As Rowland mention in 2017-07-25 :
"You now need to give your users a gidNumber containing the Unix ID
number of a group and the group would have to have a gidNumber attribute
containing the same number."
So, does it mean that user nobody who's gidNumber is "nogroup:x:65534:"
need to be included in this mapping ? Should it be as default mapping or
as domain mapping ?
Regards,
--
Marc-Henri Pamiseux - SARL Libricks - www.libricks.fr
6 rue Léonard de Vinci - CS 20119, 53001 LAVAL Cedex
Tel. : 02.30.96.15.24 / Mobile : 06.26.71.30.97
Le 31/07/2017 à 10:42, L.P.H. van Belle via samba a écrit :
> idmap config * : backend = tdb
> idmap config * : range = 500-999
> idmap config MYDOMAIN:backend = ad
> idmap config MYDOMAIN:range = 1000-3000300
More information about the samba
mailing list