[Samba] Problem idmap_ad
edv at balke-hamburg.de
edv at balke-hamburg.de
Tue Dec 13 17:08:14 UTC 2022
Hello,
I have a problem with idmap_ad. Only some of our users are mapped and I do not get why. The working users are not especially low or high uid or sid. The uidNumber, gidNumber, loginshell and unixhomedirectory are all set with the correct values, although unix_nss_info is set to no so that only uid and gid should be neccesary.
ADS is a Windows Server 2016.
idmap_rid is working so that all users can use the shares but with this mapping they do not get the uid and gid from the ads attributes
The samba installation on Centos 8 is version 4.16.4. The following parameters are set in the smb.conf:
idmap config * : backend = tdb
idmap config * : range = 117000-117999
idmap config DOMAIN:backend = rid
; idmap config DOMAIN:backend = ad
idmap config DOMAIN:schema_mode = rfc2307
idmap config DOMAIN:range = 1001-116999
idmap config DOMAIN:unix_nss_info = no
idmap config DOMAIN:unix_primary_group = yes
template shell = /bin/bash
template homedir = /home/%U
kerberos method = secrets and keytab
winbind nss info = template
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
I did already scan all the mailing lists and several other sources but to no avail. The logs only show NT_STATUS_NO_SUCH_USER but no other clue why there is no unix uid returned.
Best regards
Matthias Mueller
More information about the samba
mailing list