[Samba] winbind on DC : how use gidNumber instead of primaryGroupID as user's primary group
Rowland penny
rpenny at samba.org
Tue Aug 20 10:30:07 UTC 2019
On 20/08/2019 11:16, L.P.H. van Belle via samba wrote
>> The problem with that is, 'id' gets its info from the same place that
>> 'getent' does, so the OP will still get the wrong group ;-)
>>
>> Rowland
> Maybe i did not understand the question then.
> In: id username |awk -F"=" '{ print $2 }'|cut -d"(" -f1
> $2 = GID
> $3 = primary group.
The OP wants something like 'idmap config SAMDOM : unix_primary_group =
yes' but on a DC.
As the 'idmap config' lines do not work on a DC, I think he has three
options:
Just make do with 'domain Users'.
Set up a Unix domain member and use that instead.
Use nslcd.
Before anyone says 'what about sssd ?' , when the people who produce it
say 'do not use sssd with winbind', then you shouldn't use it on a Samba
AD DC.
Rowland
More information about the samba
mailing list