[Samba] Samba winbind getgroups lookup
Satay Epic
satayepic at gmail.com
Fri Oct 4 14:16:19 UTC 2019
Ok. Wondering if it fix by changing the idmap backend to "ad" ?
Is "ad" backend a better option than "rid" since we have MS AD or otherwise ?
My next task is to ensure PAM is setup correctly with winbind. I'm
going to validate the PAM configs.
Do you have any recommendations of PAM / winbind settings?
We also having "nscd" running for the DNS host lookup. Is it right to
have "nscd" running beside "winbind"?
Thanks
On Fri, Oct 4, 2019 at 1:02 AM Rowland penny via samba
<samba at lists.samba.org> wrote:
>
> On 04/10/2019 04:39, Satay Epic wrote:
> > SSSD is not installed but I did remove it from nsswitch.conf. I still
> > see winbind always doing the group lookup for local user.
> >
> You probably always will, Samba (when using the 'rid' backend) makes all
> AD users & groups into local users & groups. Also when it is searching
> for groups for 'root', it is probably really searching for groups for
> 'Administrator'.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list