[Samba] Samba 4.10.6-1 Configuration on AIX
Rowland penny
rpenny at samba.org
Fri Feb 7 08:25:42 UTC 2020
On 07/02/2020 02:27, Bob Wyatt wrote:
> Thanks again for the continued help...
>
> Current thinking is using rid for the backend does not place any new administrative functions on the staff - agree?
If by this, you mean that you do not have to add anything to AD, then
yes. You may have to add a couple of template lines to your smb.conf,
the defaults are:
template homedir = /home/%D/%U
template shell = /bin/false
With the above, your users will not be able login to the Unix computer
and will get a Unix homedirectory of /home/DOMAIN/username
> Begs questions of what is being written in smbpasswd, and do we have administrative work on AIX?
> Such as adding users and a group or two in the range specified for idmap? A mapping "table"?
You do not use smbpasswd and you need something else in smb.conf:
username map = /etc/samba/user.map
With '/etc/samba/user.map' containing '!root = DOMAIN\Administrator'
After this, using the 'rid' backend, all users and groups in AD become
Unix users and groups.
Basically it boils down to, forget most of what you know about Samba3
domains ;-)
> If rid is hands-off administration, that's likely the way they want to go.
>
> Going with rid - security is still ads?
Yes, it is just a different winbind backend.
Rowland
More information about the samba
mailing list