Web lists-archives.com

Re: [Samba] 4.4.14 on solaris, using ads, can't read/write as user




On Thu, 29 Jun 2017 16:28:38 -0300
francis picabia via samba <samba@xxxxxxxxxxxxxxx> wrote:

> On Thu, Jun 29, 2017 at 3:48 PM, Rowland Penny via samba <
> samba@xxxxxxxxxxxxxxx> wrote:
> 
> >
> >
> > Well, no it isn't actually on that page, you need to follow an
> > hyperlink to this page:
> >
> > https://wiki.samba.org/index.php/Idmap_config_rid
> >
> >
> It is really confusing.  rid or tdb.  I don't know what it wants
> because the second link has both.

No, it isn't confusing, you need both.

You need to have something like this in smb.conf:

idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config MYDOM : backend = rid
idmap config MYDOM : range = 10000-999999

The '*' range is for the 'BUILTIN' domain i.e. the Well Known SIDs
The 'MYDOM' range is for YOUR domain


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba