[Samba] Fwd: Re: Ressources needed (cpus, ram, etc.) for a Samba server
Edouard Guigné
eguigne at pasteur-cayenne.fr
Wed Apr 10 16:53:30 UTC 2019
I see, yes the unix attributes are set on the AD DC (RFC2307) for each
users and each groups.
And that's a question, because I am using a Windows Server 2012 R2 as AD DC.
Does the unix attibutes will be still available in the Windows Server
2019 version ?
I don't talk about the ADUC and how to set unix attributes tab, I ask
about the attributes on the AD schema
because I know that NIS and unix attributes tab in ADUC is deprecated
in Windows server 2016, but it can still be set via a powershell script.
EdG
Le 10/04/2019 à 13:41, Rowland Penny via samba a écrit :
> On Wed, 10 Apr 2019 13:14:35 -0300
> Edouard Guigné via samba <samba at lists.samba.org> wrote:
>
>> Log level to 10 was for debug reasons, I can now surely set to 1 now.
>> Concerning idmap config IPGAD, I don't see why is the reason to start
>> at 1... I will set to 10000 as according to the documentation, thank
>> you.
>>
>> What do you mean by "
>> You are also using the winbind 'ad' backend, so have you added
>> anything to AD ?
>> " ?
> Just what it says. I don't remember if you said what the AD DC is, but
> it doesn't really matter, if you create a user using ADUC or
> samba-tool, the user will just be a Windows user. That is unless you
> also use the UNIX Attributes tab on ADUC or specify the RFC2307
> attributes with 'samba-tool user add'.
> The minimum requirement for a Unix AD user is that they must have a
> uidNumber attribute containing a unique number inside the range you
> set in smb.conf (now do you see why I asked about the range starting
> at '1' ?) AND 'Domain Users'(the default user primary group) must have
> a gidNumber attribute inside the same range. You are also using
> 'unix_primary_group = yes', so your users should also have gidNumber
> attribute containing the gidNumber of a group.
>
> It take it you haven't done any of the above, so you may want to
> consider using the 'rid' backend instead. I would suggest you read
> the wiki pages I pointed you to earlier.
>
> Rowland
>
More information about the samba
mailing list