Thanks Marc. In fact the localhost was just a precaution and I was never sure of it, I even tried resolving localhost to make sure it worked after I made the change.
I will test idmap backend ad later, because I think what made it all work for me was setting up NSS. Now that NSS is setup I can even run id ad-user in the cli and get all the information from AD. So it seems more integrated now and I have a better understanding of NSS. I was under the impression that rid converted the SIDs into valid UIDs and GIDs. But if I am, as now, only needing it for authentication and now for IO to the FS then I should logically not require the local UIDs/GIDs. 2013/6/23 Marc Muehlfeld <sa...@marc-muehlfeld.de> > Hello Stefan, > > Am 23.06.2013 22:44, schrieb Stefan Midjich: > > I eventually got it working with the following configuration, in case any >> googlers find it helpful. >> >> I wrote it all down here on this wiki >> http://wiki.sydit.se/teknik:**ad_autentisering_foer_cifs_**med_samba<http://wiki.sydit.se/teknik:ad_autentisering_foer_cifs_med_samba>Just >> so I >> would not forget until tomorrow. :) >> > > I haven't fully compared, but isn't it widely the same like here: > http://wiki.samba.org/index.**php/Samba4/Domain_Member<http://wiki.samba.org/index.php/Samba4/Domain_Member> > Is there a reason, why you use Idmap backend rid and don't take the UIDs > from AD? > > > I don't understand swedish and what you wrote in the sentence before, but > I think setting > 127.0.0.1 webb01.domain.local webb01 > could maybe make problems somewhere sometime. 127.0.0.1 should be better > resolved to localhost. If some program resolves "webb01" /etc/hosts would > return 127.0.0.1 instead of the IP of your NIC. > > > > Regards, > Marc > -- Hälsningar / Greetings http://Stefan.Midjich.name -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba