Hi Greg Yes the zone would just be a member server rather than a DC.
I would be using Samba out of pkgsrc but I'm encountering this bug: https://github.com/joyent/smartos-live/issues/383 The issue I have at the moment is that while I can edit nsswitch.conf and drop the winbind entry in there, the shared library that provides that database to anything using nsswitch.conf apparently needs to live in /usr/lib. In there, there is nss_files.so.1 etc for all the various data sources. According to the Samba doco, nss_winbind.so.1 that has to be symlinked in. Did you not encounter those PKCS11 issues when joining a zone to AD? Thanks Dave On 11 Feb 2015, at 7:18 am, Greg Zartman <[email protected]<mailto:[email protected]>> wrote: On Tue, Feb 10, 2015 at 4:58 AM, David Finster via smartos-discuss <[email protected]<mailto:[email protected]>> wrote: In context (and for anyone with experience with SmartOS/Samba), essentially all I'm trying to do is get the valid users that have UID/GID's setup in AD (we have UNIX services enabled) to come across as locals for the primary purpose of file permissions. Would prefer to avoid idmap, but I've done it before and can again if its the best route. Are you trying to authenticate against an existing active directory DC? If so, then I would recommend using Samba 3 + Winbindd. Samba 4 is meant first and foremost to be an AD DC. The file server parts are weak and don't handle posix UID/GIDs very well at all. It's actually very surprising how poorly Samba 4 is at doing this. It's like the Samba team left *nix clients out in the cold. I have Samba 3 + winbindd pulling UIDs/GIDs from another DC right now and it works great. Are you saying that you can't edit the nsswitch.conf to tell it to use winbindd? Greg Zartman Board Member Koozali SME Server www.koozali.org<http://www.koozali.org> SME Server user, contributor, and community member since 2000 ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
