Hi Doug,
i read your mail intently and would thank you for your detailed
illustration. ;-)
I would change the parameter you suggest and would do some more tests to
verify for my comprehension.
Bye,
Andy
Doug VanLeuven schrieb:
Andreas Ladanyi wrote:
There is one UNIX attribute tab and
Andreas Ladanyi wrote:
There is one UNIX attribute tab and one Members Of tab.
During some tests we discover the following facts
=
In UNIX attribute tab:
winbind is only interested in the UID field -
in ldap tree the
Andreas Ladanyi wrote:
Hay Jerry,
Gerald (Jerry) Carter schrieb:
Andreas Ladanyi wrote:
Ok ! Could it be true this behavior is different between
security=domain and security=ads ?
Because we had to put the user to the group:
- first on windows side in ActiveFirectory
- second on unix site
There is one UNIX attribute tab and one Members Of tab.
During some tests we discover the following facts
=
In UNIX attribute tab:
winbind is only interested in the UID field -
in ldap tree the attribute uidnumber.
If you're
Hay Jerry,
Gerald (Jerry) Carter schrieb:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Ok ! Could it be true this behavior is different between
security=domain and security=ads ?
Because we had to put the user to the group:
- first on windows side in ActiveFirectory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Ok ! Could it be true this behavior is different between
security=domain and security=ads ?
Because we had to put the user to the group:
- first on windows side in ActiveFirectory
- second on unix site in AD in the tab
Hi Jerry,
Gerald (Jerry) Carter schrieb:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Hi,
after deleting winbindd_idmap and winbindd_cache.tdb files:
For security =domain AND security=ADS !
wbinfo -u /-g /-t are ok !
getent passwd is ok.
getent group shows
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Winbind honors the Windows group membership and not
necessarily msSFU30PosixMemberOf attributes.
So it should be enough if you give the Windows group a GID in tab UNIX
attribute in Active Directory and you have to do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andreas Ladanyi wrote:
Winbind honors the Windows group membership and not
necessarily msSFU30PosixMemberOf attributes.
So it should be enough if you give the Windows group a GID in tab UNIX
attribute in Active Directory and you have to do