-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andreas Ladanyi wrote: > Hi, > > after deleting winbindd_idmap and winbindd_cache.tdb files: > > For security =domain AND security=ADS ! > > wbinfo -u /-g /-t are ok ! > > getent passwd is ok. > > getent group shows different group memberships as ldapsearch with filter > "msSFU30PosixMemberOf".
Winbind honors the Windows group membership and not necessarily "msSFU30PosixMemberOf" attributes. > > smb.conf - winbind: > > winbind separator = / > winbind enum users = yes > winbind enum groups = yes > winbind cache time = 60 > idmap backend = ad > idmap uid = 6000-27000 > idmap gid = 600-7000 > template shell = /bin/bash > template homedir = /home/%u > winbind use default domain = yes > winbind refresh tickets = yes > winbind nss info = template sfu > > Any ideas ? > > Andy > - -- ===================================================================== Samba ------- http://www.samba.org Likewise Software --------- http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIqyaeIR7qMdg1EfYRAgZWAKDRsC9qFFIIlIYZTgcrrt/+eZNiBQCcDNHE lxx+F3++8Y8maDRIxl3Xny8= =xmUQ -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba