[Samba] Roaming profils cannot sync four files
Michael Funke
maniac.macpain at gmail.com
Tue May 15 08:53:26 UTC 2018
thank you, but it was only a copy/paste mistake. My config looks like this:
[global]
security = ADS
workgroup = EXAMPLE
realm = EXAMPLE.LOCAL
log file = /var/log/samba/%m.log
log level = 1
# Default ID mapping configuration for local BUILTIN accounts
# and groups on a domain member. The default (*) domain:
# - must not overlap with any domain ID mapping configuration!
# - must use a read-write-enabled back end, such as tdb.
# - Adding just this is not enough
# - You must set a DOMAIN backend configuration, see below
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config EXAMPLE : backend = rid
idmap config EXAMPLE : range = 1000000 - 1999999
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind refresh tickets = yes
template shell = /bin/bash
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
acl allow execute always = yes
[profiles]
path = /home/EXAMPLE/profiles/
read only = no
But it doesn't work with this configuration.
Or does I need these lines also? I don't need a login of the domainusers.
# Template settings for login shell and home directory
winbind nss info = template
template shell = /bin/bash
template homedir = /home/%U
2018-05-14 23:28 GMT+02:00 Rowland Penny via samba <samba at lists.samba.org>:
> On Mon, 14 May 2018 22:49:02 +0200
> Michael Funke via samba <samba at lists.samba.org> wrote:
>
> > Okay, I testet it and it doesn't help. Attached is also my smb.conf.
> > May it is here.
> >
> > [global]
> > # Default ID mapping configuration for local BUILTIN accounts
> > # and groups on a domain member. The default (*) domain:
> > # - must not overlap with any domain ID mapping configuration!
> > # - must use a read-write-enabled back end, such as tdb.
> > # - Adding just this is not enough
> > # - You must set a DOMAIN backend configuration, see below
> > idmap config * : backend = tdb
> > idmap config * : range = 3000-7999
> > idmap config EXAMPLE : range = 1000000 - 1999999
>
> >
> >
> > Any ideas?
> >
>
> Yes, did you not understand this:
>
> # - Adding just this is not enough
> # - You must set a DOMAIN backend configuration, see below
>
> Well, yes, you must have because you added this:
>
> idmap config EXAMPLE : range = 1000000 - 1999999
>
> Pity it wasn't enough, can I suggest you read this again:
>
> https://wiki.samba.org/index.php/Idmap_config_ad
>
> And this:
>
> https://wiki.samba.org/index.php/Idmap_config_rid
>
> and decide which you want to use and then add the missing line(s)
>
> If you do not understand those pages, can you please try to explain what
> you do not understand. Without feedback we think they are correct, if
> nobody says 'I do not understand something', we will go on thinking
> they are correct ;-)
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list