[Samba] pam_winbind Appears to need a Network Connection to Succeed at Offline Authentication
John R. Graham
john at graham-family.org
Fri Dec 6 16:51:37 UTC 2024
On 12/4/24 09:52, Rowland Penny via samba wrote:
> On Wed, 4 Dec 2024 09:07:45 -0500
> "John R. Graham via samba" <samba at lists.samba.org> wrote:
>> So I'm committed to the rid back end, at least in the near term,
>> because offline logins work without issue on domain members. But this
>> does leave my login on the DC producing different UID and GID values.
>> Would it be the "right thing" to just edit those so that they match
>> the values that are calculated on the domain members?
> There is no need and I would advise against even attempting it.
> ...
I've ended up editing the (currently limited number of) AD user account
records so that the UID and GID numbers on the DC match those calculated
by the rid back end on Linux domain members. Why? Because of a notion
that I have that it would be "better" if the shares on the file server
for Linux users be shared with NFS rather than Samba. These same
directories will be shared by Samba for the users when they log into
their Windows machines.
- John
More information about the samba
mailing list