[Samba] use of =?utf-8?Q?=E2=80=98idmap=5Fldb=3Ause_?=rfc2307 =?utf-8?Q?=3D_yes=E2=80=99_?=in DCs
Luis Peromarta
lperoma at icloud.com
Tue Jun 11 16:25:59 UTC 2024
Me neither. AND only if you need to sync files from a DC to a member server or viceversa, so uids and gids match. Otherwise I’d say no use.
Why idmap_ldb:use rfc2307 = yes’ by default then when provisioning with rfc2307 ?
We are giving instructions to new users how to set up AD idmapping and it is so very complicated because of this, the documentation is confusing at times.
If using AD idmap , give gidNumbers, but not to ‘Domain Admins’, create an extra group ‘Unix Admins’, don’t use this here, don’t use that there.
For a newbie I believe it is too complex. Things would be much easier with a ‘idmap_ldb:use rfc2307 = no’ in a DC.
Wouldn’t it ?
LP
On Jun 11, 2024 at 17:12 +0100, samba at lists.samba.org <samba at lists.samba.org>, wrote:
>
> I am not convinced.
More information about the samba
mailing list