Web lists-archives.com

Re: [Samba] [samba] Winbindd without RFC2307 question




On Wed, 19 Jul 2017 22:27:55 +0200
Emmanuel Blindauer via samba <samba@xxxxxxxxxxxxxxx> wrote:

> On 19/07/2017 16:54, mathias dufresne via samba wrote:
> > Thank you both for your replies. Unfortunately I will not be able
> > to use rfc2307 and then uidNumber and co until they modify their
> > AD. It would perhaps be done soon but for now, no real idea.
> >
> > So back to Rowland's proposition to use "rid" backend rather than
> > "ad" backend for idmap configuration.
> > To switch from "ad" to "rid" idmap backend I just changed :
> > idmap config CENTORIAL:backend = ad
> > into
> > idmap config CENTORIAL:backend = rid
> >
> > Then I reload everything with "smbcontrol all reload-config"
> >
> > To finally test all that with "id username" which wasn't working.
> >
> > I just restart the samba processes (systemctl restart blablabla)
> > and all went well.
> >
> > Thank you again :)
> >
> > Have a nice day all,
> >
> > mathias
> there is also a recent  idmap_nss which can be a solution if you have 
> another way to manage uidNumber while keeping cn=uid
> 

The whole idea behind AD is to have a central store for users and
groups. Using idmap_nss will go back to the old way of doing things,
because you need users on the fileserver and in AD, if you have
multiple fileservers, you will need the user on all of them.

Rowland



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba