Web lists-archives.com

Re: [Samba] [samba] file server, AD client, no rfc2307




On Thu, 27 Jul 2017 15:23:47 +0200
"L.P.H. van Belle via samba" <samba@xxxxxxxxxxxxxxx> wrote:

> ... 
> > > 
> > 
> > OK, I can now confirm that you do not need '--use-rfc2307' to 
> > use the winbind 'ad' backend on a Unix domain member.
> > 
> > You do need 'idmap_ldb:use rfc2307 = yes' in the smb.conf on 
> > a DC to use uidNumber & gidNumber attributes on the DC.
> > 
> > You will not be able to use ADUC without '--use-rfc2307' 
> > 
> > Rowland
> > 
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> > 
> Thats good to know, thank for testing Rowland. 
> 
> But should we not forget to add these then also? 
> 
> winbind nss info = template
> template homedir = /home/%D/%U 
> template shell = /bin/bash 
> Or change bash to false if you dont need ssh logins for example.

Hi Louis, I tested with your 4.6.6 packages, so I used the new 'idmap
config' lines with the users Unix home dir and shell stored in AD.

Or to put it another way, no, not on a Unix domain member.

Rowland


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba