[Samba] Problem connecting Samba and Windows Active Directory
Rowland Penny
rpenny at samba.org
Wed Aug 25 13:49:19 UTC 2021
On Wed, 2021-08-25 at 15:32 +0200, Christian Naumer via samba wrote:
> On 25.08.21 15:16, Rowland Penny via samba wrote:
> > On Wed, 2021-08-25 at 12:55 +0000, Luca Bertoncello via samba
> > wrote:
> > > Getent passwd shows only local users. No AD-users at all... ☹
> > >
> > > The Users in AD don't have a uidNumber and don't have "Domain
> > > Users"
> > > as Group (we use another Group as primary one).
> >
> > Then the winbind 'ad' backend will never work and you will never
> > have
> > any AD users & groups as Unix users and groups.
> >
> > Replace this block in smb.conf:
> >
> > idmap config * : range = 2000-10000
> > idmap config AD-QUEO-ORG : backend = ad
> > idmap config AD-QUEO-ORG : range = 200000-1000200000
> > idmap config AD-QUEO-ORG : unix_primary_group = yes
> > idmap config AD-QUEO-ORG : schema_mode = rfc2307
> > idmap config AD-QUEO-ORG : unix_nss_info = yes
> >
> > With this:
> >
> > idmap config * : range = 3000-7999
> > idmap config AD-QUEO-ORG : backend = rid
> > idmap config AD-QUEO-ORG : range = 10000-1000200000
> >
> > It is either that, or start populating AD with uidNumber &
> > gidNumber
> > attributes.
>
> The Data on the server will then have "new" owners. Just be aware of
> that.
>
I don't think the OP had got that far.
Rowland
More information about the samba
mailing list