From: Freeman <f...@email.unc.edu> Date: Tue, 22 Nov 2011 16:47:01 -0500
> Greetings samba community, > > I am running samba version: Version 3.5.11-79. fc14. Trying to join > linux servers to the windows 2003 domain by running winbind and smb. I > have configured the following smb.conf file which worked but can't seem > to understand why the uid is different from the windows side when the > windows side has already mapped some kind of uid to the sid. (snip) > By omitting this "idmap config AD : range = range values" from my > configuration, i am able to gain access to this server which join the > windows domain from another linux machine. If i left it uncomment in my > configuration, i can't seem to login to this machine. (snip) > [global] > workgroup = ad > password server = server1,server2,server3 > realm = myDomain.com > security = ads > allow trusted domains = no > disable netbios = yes > > # this doesn't seem to work for some reason > # i am trying to use idmap_ad > # idmap backend = ad > idmap backend = tdb > idmap uid = 1000-5000000 > idmap gid = 1000-5000000 > > idmap config AD : default = yes > idmap config AD : cache time = 180 > idmap config AD : backend = ad > # idmap config AD : range = 100001-200000 > idmap config AD : schema_mode = rfc2307 Have you already set values into "UNIX attributes" for every user you want to "activate" under Winbind. Setting "idmap backend = ad", uid/gid and some other values are gotten from those in "UNIX attributes". > If i were to log into this machine from another linux box and run the > command 'id' i get the uid of 1000. When i try to run this command > wbinfo -n flo on the member server, i get some other number: > > [root@moe samba]# wbinfo -n flo > S-1-5-21-344340502-4252695000-2390403120-1236058 SID_USER (1) uid/gid does not have nothing to do with SID/RID. If you want to keep some relationship between RID and uid, use idmap_rid(8) instead. --- TAKAHASHI Motonobu <mo...@samba.gr.jp> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba