Web lists-archives.com

Re: [Samba] wbinfo -i returns the same id for all users, authentication doesn't seem to go through winbind at all




Emmanuel Florac wrote:
id TESTAD\\testuser
returns "no such user" and
getent passwd TESTAD\\testuser

returns a "2" code.
----
On linux, to get 'domain\user' to resolve, I had to have
those entries in my /etc/passwd (and /etc/group for groups).

I.e. *w/o krb*, (in samba 3.x), I had entries like:

linda:x:1001:201:xxx:/home/linda:/bin/bash
   and
Domain\linda:x:1001:201:xxx:/home/linda:/bin/bash

So if something ever looked up w/'Domain\linda' on my
PDC, it would resolve to the same UID+GID as the
entry w/o the domain (since, theoretically, on the PDC,
users == 'Domain\\users').

I also had idmap config for the '*' range set the same as for
the 'Domain\' range (where the PDC is in 'Domain') as well as
for the BUILTIN range (the UID's I allocate for the 3 'domains'
are designed not to clash).
It's my intent that name 'x' & 'domain\x' would map to the same UID (and
windows RID) -- which is what happens on samba3.x.  Haven't upgraded
yet, since, with it working for me, I have other issues that are
more pressing.





--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba