[Samba] winbind rfc2307 not being obeyed

Jeff Sadowski jeff.sadowski at gmail.com
Mon Oct 30 15:49:24 UTC 2017


OS:fedora-26
SAMBA:4.6.8
[root at squints ~]# cat /etc/samba/smb.conf
[global]
   security = ads
   realm = MIND.UNM.EDU
   workgroup = MIND
   idmap config * : backend = tdb
   idmap config * : range = 2000-7999
   idmap config MIND:backend = ad
   idmap config MIND:schema_mode = rfc2307
   idmap config MIND:range = 8000-9999999
   winbind nss info = rfc2307
   winbind use default domain = yes
   # so that the users show up in getent
   winbind enum users = yes
   # so that the groups show up in getent
   winbind enum groups = yes
   restrict anonymous = 2
   #added the following 2 for the Badlock updates that change the defaults
   #to no longer work with my domain controllers
   ldap server require strong auth = no
   client ldap sasl wrapping = plain

[root at squints ~]# getent passwd jsadowski
jsadowski:*:11490:8513::/home/MIND/jsadowski:/bin/false

however from an ubuntu machine with the same smb.conf it looks like so
OS:ubuntu-16.04
SAMBA:4.3.11
root at daddles:~# getent passwd jsadowski
jsadowski:*:11490:8000::/na/homes/jsadowski:/bin/bash

which is how AD shows it as well.

Did something change in newer versions of samba that I need to add
more config options?



More information about the samba mailing list