On Thursday, February 21, 2013 12:32:18 PM BOTZ Franck - DDT 67/SG/MGI/CI wrote: > Hello > > I test your solution but if "getent" return all users and groups (AD + > local), all have the same UID/GID. Strange ... > > This morning I commented idmap config DDCS67:range = 500-40000 and it > works !! ADs users/groups >
I am testing idmap_ad as well and I have lot of issue with idmap_ad but I was thinking that it's because I haven't provision with rfc2307 at that time. When you say it work, do you mean that the returned uid/gid are the ones stored in the directorie (uidNumber/gidNumber) ? thanks > idmap config *:backend = tdb > idmap config *:range = 70000-79999 > idmap config DDCS67:backend = ad > idmap config DDCS67:schema_mode = rfc2307 > #idmap config DDCS67:range = 500-40000 > > winbind nss info = rfc2307 > winbind trusted domains only = no > winbind use default domain = Yes > winbind enum users = yes > winbind enum groups = yes > > user1:*:70001:70001:user1l:/data/individuel/DDCS67/user1:/bin/false > user2:*:70002:70001:user2:/data/individuel/DDCS67/user2:/bin/false > user3:*:70011:70001:user3:/data/individuel/DDCS67/user3:/bin/false > administrator:*:70003:70001:Administrator:/data/individuel/DDCS67/administra > tor:/bin/false > user4:*:70004:70001:user4:/data/individuel/DDCS67/user4:/bin/false > user5:*:70005:70001:user5:/data/individuel/DDCS67/user5:/bin/false > > It's good but I don't understand why > > Franck > > Le 21/02/2013 08:21, "> Hervé Hénoch (par Internet)" a écrit : > > Hello Franck > > > > I had the same problem. When I removed "config" in the two lines, > > getent group worked. > > > > idmap config *:backend = tdb > > idmap config *:range = 70001-80000 > > > > For the role of idmap you can read : > > http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html > > > > Regards > > > > Le 20/02/2013 21:39, BOTZ Franck (Informaticien) - DDT 67/SG/MGI/CI a > > > > écrit : > >> Without idmap line, it work too. > >> > >> [global] > >> > >> workgroup = DDCS > >> security = ADS > >> realm = DDCS.LOCAL > >> encrypt passwords = yes > >> > >> # idmap config *:backend = tdb > >> # idmap config *:range = 70001-80000 > >> # idmap config DDCS:backend = ad > >> # idmap config DDCS:schema_mode = rfc2307 > >> # idmap config DDCS:range = 500-40000 > >> > >> winbind nss info = rfc2307 > >> winbind trusted domains only = no > >> winbind use default domain = yes > >> winbind enum users = yes > >> winbind enum groups = yes > >> > >> What is the really role of idmap's line ? > >> > >> I have of to miss something -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba