> -----Original Message----- > From: samba-boun...@lists.samba.org > [mailto:samba-boun...@lists.samba.org] On Behalf Of Christian > Sent: Thursday, 17 September, 2009 10:01 > To: samba > Subject: [Samba] winbind idmap question > > Hi, > > how do I tell winbind to use "UserId" from AD, and not doing > own mapping > of ID's ? > AD is win2003 R2 Std with sfu. > > What I did/tried: > current (this did not work): > > # winbind separator = \ > winbind use default domain = Yes > winbind nested groups = Yes > # winbind cache time = 600 > template shell = /bin/bash > # template homedir = /home/%D/%U > template homedir = /home/%U > idmap uid = 10000-20000 > idmap gid = 10000-20000 > winbind enum groups = Yes > winbind enum users = Yes > security = domain > # security = ads > # Where do we get our user information from? > password server = srv-001.domain.local > > tried (did not work, too, and is very slow finding users): > winbind use default domain = Yes > winbind nested groups = Yes > winbind nss info = rfc2307 > > idmap domains = DOMAIN > > idmap config DOMAIN:backend = ad > idmap config DOMAIN:default = Yes > idmap config DOMAIN:range = 10000 - 19999 > idmap config DOMAIN:schema_mode = rfc2307 > security = domain > # security = ads > # Where do we get our user information from? > password server = srv-001.domain.local > > samba version is 3.2.7 > > Thanks for your ideas > Kind Regards > Chris
>From Samba version 3.2.5 (Debian Lenny) and 3.3.6 (Lenny backports). This >config works for me in both versions, so I'm confident it will work in 3.2.7: idmap domains = YOUR_DOMAIN idmap config YOUR_DOMAIN:backend = rid idmap config YOUR_DOMAIN:base_rid = 0 idmap config YOUR_DOMAIN:range = 10000 - 49999 We have a Server 2003 native forest/domain not 2003 R2, and we do not have sfu deployed. So the environment is a little different. James Zuelow....................CBJ MIS (907)586-0236 Network Specialist...Registered Linux User No. 186591 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba