[Samba] Problem connecting Samba and Windows Active Directory
Luca Bertoncello
L.Bertoncello at queo-group.com
Wed Aug 25 13:24:17 UTC 2021
Hi Rowland,
I got it working for myself...
As information: I need to change the smb.conf.
Now it seems to work as expected. Hopefully for a long time...
Thanks
Luca
-----Ursprüngliche Nachricht-----
Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Rowland Penny via samba
Gesendet: Mittwoch, 25. August 2021 15:16
An: samba at lists.samba.org
Betreff: Re: [Samba] Problem connecting Samba and Windows Active Directory
On Wed, 2021-08-25 at 12:55 +0000, Luca Bertoncello via samba wrote:
> Getent passwd shows only local users. No AD-users at all... ☹
>
> The Users in AD don't have a uidNumber and don't have "Domain Users"
> as Group (we use another Group as primary one).
Then the winbind 'ad' backend will never work and you will never have any AD users & groups as Unix users and groups.
Replace this block in smb.conf:
idmap config * : range = 2000-10000
idmap config AD-QUEO-ORG : backend = ad
idmap config AD-QUEO-ORG : range = 200000-1000200000
idmap config AD-QUEO-ORG : unix_primary_group = yes
idmap config AD-QUEO-ORG : schema_mode = rfc2307
idmap config AD-QUEO-ORG : unix_nss_info = yes
With this:
idmap config * : range = 3000-7999
idmap config AD-QUEO-ORG : backend = rid
idmap config AD-QUEO-ORG : range = 10000-1000200000
It is either that, or start populating AD with uidNumber & gidNumber attributes.
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list