[Samba] idmaps, again
Rowland Penny
rpenny at samba.org
Fri Mar 22 15:35:22 UTC 2019
On Fri, 22 Mar 2019 16:11:58 +0100
"Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote:
> Am 22.03.19 um 11:43 schrieb Stefan G. Weichinger via samba:
> > Am 22.03.19 um 11:01 schrieb Rowland Penny via samba:
> >
> >>> Would the users itself need some editing as well (inside
> >>> LDAP/AD)?
> >>
> >> This is really up to you, you could, if you so wish, remove all the
> >> rfc2307 attributes from AD, or you could just ignore them.
> >
> > nice. sounds like my weekend project ;-) *sigh*
> >
> > thanks a lot ... will check my backups asap
>
> change is through, my tests look good to me
>
> I now run on the DM server:
>
>
> # samba-tool testparm
>
> [global]
> dedicated keytab file = /etc/krb5.keytab
> interfaces = bond0
> kerberos method = secrets and keytab
> log file = /var/log/samba/%m.log
> log level = 2
> printcap name = /dev/null
> realm = ARBEITSGRUPPE.MY-TLD.AT
> security = ADS
> template homedir = /mnt/samba/Daten/%U
> template shell = /bin/bash
> username map = /etc/samba/user.map
> winbind nss info = template
> winbind refresh tickets = Yes
> winbind use default domain = Yes
> workgroup = ARBEITSGRUPPE
> idmap config arbeitsgruppe:schema_mode = rfc2307
> idmap config arbeitsgruppe:unix_nss_info = yes
You can remove the two lines above, they are not used with the 'rid'
backend.
Rowland
More information about the samba
mailing list