[Samba] Upgraded to 4.8 - forced to use winbindd - retro how to missing?
Christian Naumer
cn at brain-biotech.de
Tue Nov 13 14:48:59 UTC 2018
I don't know if this still works but it does what you want:
https://www.samba.org/samba/docs/current/man-html/idmap_nss.8.html
Regards
Am 13.11.18 um 15:37 schrieb Rowland Penny via samba:
> On Tue, 13 Nov 2018 09:21:14 -0500
> Richard Bollinger <rabollinger at gmail.com> wrote:
>
>> Prior to 4.8, without winbind in the picture, a windows user named
>> "rab", for instance, could be authenticated by AD, but would assume
>> the identity of the Unix user "rab", with all of his Unix defined
>> groups.
>>
>> Of course, this is not full emulation of a Windows server experience,
>> but nonetheless it is the behavior we wanted and worked well in our
>> environment where every AD user who needed access to a Unix server
>> had a corresponding Unix ID assigned with that user's uid, gids,
>> identical on all the Unix servers.
>>
>> That is the "legacy" behavior we desire. Is it still possible to
>> achieve it with the current version of Samba?
>>
>
> No and why would you want to ?
> Doing it your way means that you have to maintain the users & groups in
> two places, a total anathema to AD.
>
> Just set up the Unix domain member correctly and your Windows users &
> groups become Unix users & groups, all of them if you use the winbind
> 'rid' backend, or, if you use the 'ad' backend, just the ones you give
> a uidNumber or gidNumber attribute.
>
> If you don't want to do this (and I fail to see why you wouldn't want
> to), then leave the domain, and set the Samba server up as a standalone
> server.
>
> Rowland
>
--
Dr. Christian Naumer
Research Scientist
Plattform-Koordinator Bioprozesstechnik
B.R.A.I.N Aktiengesellschaft
Darmstaedter Str. 34-36, D-64673 Zwingenberg
e-mail cn at brain-biotech.de, homepage www.brain-biotech.de
fon +49-6251-9331-30 / fax +49-6251-9331-11
Sitz der Gesellschaft: Zwingenberg/Bergstrasse
Registergericht AG Darmstadt, HRB 24758
Vorstand: Dr. Juergen Eck (Vorsitzender), Frank Goebel
Aufsichtsratsvorsitzender: Dr. Ludger Mueller
More information about the samba
mailing list