[Samba] unix_primary_group and unix_nss_info for rfc2307 idmap backend
Christof Schmitt
cs at samba.org
Thu Dec 19 23:25:52 UTC 2019
On Thu, Dec 19, 2019 at 10:19:28PM +0000, Rowland penny via samba wrote:
> On 19/12/2019 21:46, Sebastian Lisic wrote:
> >Thanks for the quick reply, Rowland!
> >
> >The problem I have is that the clients of each domain do not have access to the other domain's DC. Only the DCs of each domain can talk to one another. With Microsoft no longer allowing POSIX attributes to be replicated in the global catalog, I can't think of a way of besides an ldap proxy to pass along this information.
> >
> As far as I am aware, Microsoft still allows Posix attributes, they
> are part of the standard schema, they stopped IDMU, which removed
> the Unix attributes tab. You just have to maintain the rfc2307
> attributes in another way, which you must be doing, because you want
> to use them.
FYI,
https://blogs.technet.microsoft.com/activedirectoryua/2016/02/09/identity-management-for-unix-idmu-is-deprecated-in-windows-server/
is a useful blog post about the RF2307 attributes.
Christof
More information about the samba
mailing list