[Samba] Usrname map and Windows ACLs question
Rowland Penny
rpenny at samba.org
Wed May 29 14:22:08 UTC 2024
On Wed, 29 May 2024 09:40:42 -0300
Ivan Lopez via samba <samba at lists.samba.org> wrote:
> Hi!. I've already read that really useful notebook. Thanks for it.
> Sadly, I couldn't find any differences.
>
> All seems work OK without "username map" but as soon as I map
> OURDOM\Administrator to root vía "username map", I lost "Sessions"
> and "Open files" in RSAT, so I would like to know if I miss something
> without that mapping.
>
> Does RSAT sessions and Open Files work with YOURDOM\Administrator
> mapped to root in your infraestructure?
>
I really must update that wikipage, I carried out some tests last
November and found that it appears you no longer need the usermap, see
here:
https://lists.samba.org/archive/samba/2023-November/247267.html
If you are using the 'ad' idmap config backend, then you must not give
'Administrator' a uidNumber attribute or give 'Domain Admins' a
gidNumber attribute, to do either will break SYSVOL.
So yes, whilst I do not understand why RSAT doesn't work with the
usermap, you no longer require the usermap.
Rowland
More information about the samba
mailing list