On Wed, 2013-07-24 at 11:59 +0100, Jonathan Buzzard wrote: > On Wed, 2013-07-24 at 00:49 +0200, steve wrote: > > [SNIP] > > > For the record, sssd pulls all it's info from AD. > > I never said otherwise. > > > A user does not need a gidNumber, it is drawn from the > > primaryGroupID.For Linux clients it is vital that whatever the > > primaryGroupID is contains the gidNumber attribute. sssd does the > > rest. > > Hum, according to Rowland it uses the gidNumber in the users DN,
He was correct. I was wrong in assuming that you needed no gidNumber in the user DN. It is indeed the gidNumber that is used for rfc2307, exactly as openLDAP. I apologise for misleading the list before I tested it live. Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba