Web lists-archives.com

Re: [Samba] [samba] Winbindd without RFC2307 question




On Thu, 20 Jul 2017 16:34:20 +0200
mathias dufresne <infractory@xxxxxxxxx> wrote:

> 
> I'm still explaining that to my client... but it seems this one like
> mess. And I'm paid to do what they ask (after I told them what I
> think of what they ask me to do, at least there's a fun part in that)
>

They are the people paying the money, so you just have to do what they
want, even if they are wrong ;-)
 
> If DC would generate their xID using some method as RID backend that
> could have same lot of time regarding xID coherency and GPO
> retrieval... at least to me.

Yes it probably would be better, except for the problem of AD groups
that need to be 'ID_MAP_BOTH'

> Nothing like :/
> They have a working MS AD domain which they are not too fond to
> change. Even schema update to include RFC2307 seems too much...

ER, have you checked the AD schema ? I think you might find that the
RFC2307 attributes are already there.

> Anyway I just learned they were attributing manually UID/GID using
> scripts. Perhaps digging into them I'll find a list of
> username:uid:gid:SID which would save a lot of... time.

Sounds like you need to dump the AD database.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba