-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nick,
I think what you may be looking for is the ad backend: https://www.samba.org/samba/docs/man/manpages-3/idmap_ad.8.html Since you are using tdb in your config, it is using a local database and allocates UID/GIDs on the fly...first come, first served. So a user may not get the same UID from one machine to the next. Robert On 07/10/2012 12:20 AM, Nick Triantos wrote: > Hi, > > I'm trying to get an Ubuntu 12.04 system's Samba (3.6.3) and > Winbind to map userids and groups to the unix attributes in an AD > 2008 server. I can see that when I perform an ldapsearch, I'm able > to read the attributes, and for one of my accounts, the id should > be 1001. However, when I run 'wbinfo -i <username>', I get back > something like 920. > > At one point, I was setting the idmap range to start at 900, but > I've since removed that from my config, and restarted winbindd and > smbd. I've also tried to 'net cache flush'. > > I also see wbinfo -i <someuser> usually returns: failed to call > wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND Could not get info for user > <someuser> > > The relevant parts of my smb.conf are below. I've tried patching > this together from various tuts and help pages. Any guidance would > be very helpful. > > thanks! -Nick > > [global] workgroup = CORP security = ADS password server = > 192.168.77.251 realm = CORP.MYCOMPANY.COM allow trusted domains = > yes winbind use default domain = yes winbind nested groups = YES > idmap config CORP : backend = tdb idmap config CORP : default = > yes idmap config CORP : schema_mode = rfc2307 idmap config CORP : > range = 1000 - 9999 idmap config * : backend = tdb encrypt > passwords = true obey pam restrictions = yes client use spnego = > yes client ntlmv2 auth = yes encrypt passwords = true restrict > anonymous = 2 unix password sync = yes winbind enum groups = yes > winbind enum users = yes winbind nss info = rfc2307 > > - -- ________ Robert Freeman-Day https://launchpad.net/~presgas GPG Public Key: http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0xBA9DF9ED3E4C7D36 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/8O4QACgkQup357T5MfTZprwCeJ7iMF7NcxUctOd7bOAFqT4ZZ AAgAoMqnWGK5E5LWZxxMxsUaVhfbil9Y =yLz3 -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba