On 03/08/12 21:54, Gémes Géza wrote:
On 2012-08-03 18:46, steve wrote:
On 03/08/12 13:39, Gémes Géza wrote:
On 2012-08-03 13:07, steve wrote:
Three unfathomable questions:
1.
What's the difference between:

idmap_ldb : use rfc2307 = Yes
It is a samba4 winbind setting, so you need it on the Samba4 AD
controller only
and
idmap config * : backend = ad
the correct form is:
idmap config SOMEDOMAINNAME : backend =ad

and instructs the winbind from the samba3 suite to look up the uids gids
from AD for accounts in SOMEDOMAINNAME

2.
Do the terms in (1) above apply equally to Samba4 beta6 and Samba
3.6.3?

3.
If I specify either in (1) then
idmap config : range = abc-xyz
becomes meaningless.
No. With idmap_ad you map all not specifically configured domains using:
idmap backend = tdb
idmap uid = some uninteresting range
idmap gid = some uninteresting range

then for each DOMAIN you want to get the idmap information from the AD,
you specify:
idmap config INTERESTINGDOMAIN1 : backend  = ad
idmap config INTERESTINGDOMAIN1 : range = first range

idmap config INTERESTINGDOMAIN2 : backend  = ad
idmap config INTERESTINGDOMAIN2 : range = second range

and so on.

Cheers,
Steve
Regards

Geza

Hi Geza
On the Samba4 DC:
Despite having:
idmap config INTERESTINGDOMAIN1 : backend  = ad
idmap config INTERESTINGDOMAIN1 : range = first range

No! You have misunderstood how things work currently.
On Samba4 those settings have NO meaning.
The only smb.conf setting which is meaningful for the samba4 winbind is
that with rfc2307
All the idmap_ad options have to be written in the samba3 clients' smb.conf

Hi Geza
Thanks.
Got it.
Samba4 DC:
idmap_ldb use : rfc2307 = Yes

Samba3.6 client:
idmap config INTERESTINGDOMAIN1 : backend  = ad
idmap config INTERESTINGDOMAIN1 : range = abitlessthanlowestnumberIhaveforUID/GID - abitbiggerthanthe biggestnumberforUID/GID

How does that look?
Cheers,
Steve
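
Added example (not part of the original thread): a Python check for the Samba 3.6 client configuration discussed above. It reads the `idmap config DOMAIN : backend` / `range` lines and reports any uidNumber/gidNumber that falls outside the configured range, which idmap_ad would not map. The domain names, range and ID values are constructed samples, and the function names are hypothetical.

```python
import re

# Matches lines such as "idmap config EXAMPLE : range = 10000-19999"
IDMAP_LINE = re.compile(
    r"^\s*idmap\s+config\s+(\S+)\s*:\s*([^=]+?)\s*=\s*(.+?)\s*$", re.I)

def parse_idmap(conf_text):
    """Return {domain: {option: value}} for every 'idmap config' line."""
    domains = {}
    for line in conf_text.splitlines():
        if line.lstrip().startswith(("#", ";")):  # smb.conf comment lines
            continue
        m = IDMAP_LINE.match(line)
        if m:
            domain, option, value = m.groups()
            domains.setdefault(domain.upper(), {})[option.lower()] = value
    return domains

def parse_range(value):
    """Turn 'low-high' (spaces allowed) into an (int, int) tuple."""
    low, high = (int(part) for part in value.split("-"))
    if low > high:
        raise ValueError(f"range {value!r} is reversed")
    return low, high

def check_domain(conf_text, domain, ids):
    """List problems with the idmap_ad setup of one domain."""
    opts = parse_idmap(conf_text).get(domain.upper())
    if opts is None or opts.get("backend", "").lower() != "ad":
        return [f"{domain}: backend is not 'ad'"]
    if "range" not in opts:
        return [f"{domain}: backend = ad but no range configured"]
    low, high = parse_range(opts["range"])
    return [f"{domain}: id {i} outside {low}-{high}"
            for i in sorted(ids) if not low <= i <= high]

# Constructed sample: client smb.conf fragment and uidNumber/gidNumber values
SAMPLE_CONF = """
[global]
    idmap config EXAMPLE : backend  = ad
    idmap config EXAMPLE : range = 10000 - 19999
    idmap config OTHER : backend = ad
"""
SAMPLE_IDS = [10000, 10512, 19999, 20001, 500]

if __name__ == "__main__":
    for problem in (check_domain(SAMPLE_CONF, "EXAMPLE", SAMPLE_IDS)
                    + check_domain(SAMPLE_CONF, "OTHER", [])):
        print(problem)
```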
