[Samba] ODP: Re: samba 4 ad member - idmap = ad for machine accounts

L.P.H. van Belle belle at bazuin.nl
Tue Sep 19 08:00:35 UTC 2017 

Depending on you setup, and this makes it hard. 
 domain computers group , Yes, possible, but often not needed.
 machine accounts  No, never. 

Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> k.wirski via samba
> Verzonden: dinsdag 19 september 2017 9:56
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] ODP: Re: samba 4 ad member - idmap = ad 
> for machine accounts
> 
> Basically that was my initial question, should adding GID and 
> UID to domain computers group (gid) and machine accounts 
> (uid) be enough, and if it should, and it doesnt work - what 
> else should be done to make it work, or what am I missong?
> 
> I'm not sure what You mean about invalidating cache?
> 
> 
> Wys??ano z mojego smartfona w PLAY
> 
> <div>-------- Oryginalna wiadomo???? --------</div><div>Od: 
> Marco Gaiarin via samba <samba at lists.samba.org> 
> </div><div>Data:09.19.2017  9:11  (GMT+01:00) </div><div>Do: 
> samba at lists.samba.org </div><div>Temat: Re: [Samba] samba 4 
> ad member - idmap = ad for machine accounts </div><div> 
> </div>Mandi! Kacper Wirski via samba
>   In chel di` si favelave...
> 
> > getent passwd gives same, OK result, still unable to authenticate
> 
> I'm still curious to know how rfc23037 does not work, and RID 
> insted work.
> Seems to me that assigning a GID to 'Domain Computers' is the 
> same as using RID.
> 
> 
> Kacper: i don't want to offend you but... have you invalidate 
> the eventually used cache, eg restart for example nscd?
> 
> Louis, Rowland: can you explain why?
> 
> 
> Thanks.
> 
> -- 
> dott. Marco Gaiarin	         GNUPG Key ID: 240A3D66
>   Associazione ``La Nostra Famiglia''          
> http://www.lanostrafamiglia.it/
>   Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al 
> Tagliamento (PN)
>   marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   
> f +39-0434-842797
> 
> Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
>       http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
> (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list