On Tue, 2005-11-08 at 11:50 +0100, Dan Am wrote: > Hello, > our task is to get Samba to us the same Mapping as SFU is using in AD. > 1. In 3.0.21pre1 we set > > idmap uid = 50000-100000 > idmap gid = 50000-100000 > idmap backend = AD > winbind separator = = > > but mapping a drive from Win2003 Server fails with: > > "nsswitch/winbindd_user.c:winbindd_getpwnam(161) > user "our_user" dows not exist" > > Are we missing something ? > > 2. We succeeded with 3.0.9 by setting > > winbind enable local accounts = yes > > and pulling in the AD Users via nss_ldap directly. > But this parameter has been removed in current versions. > Why ? Are there any contraindications for the parameter ?
You were actually looking for 'winbind trusted domains only = yes'. I'm not sure entirely of the impact of using nss_ldap instead of winbindd, but this at least is the right way to do it. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
