Web lists-archives.com

Re: [Samba] Shares not accessible when using FQDN

On Wed, 30 Aug 2017 11:25:04 +0200 (CEST)
Gaetan SLONGO <gslongo@xxxxxxxxxxxxx> wrote:

> Rowland, 
> Yes, I mean uidNumber and gidNumber. 
> I'm aware I need to work with AD but at this time I need my unix IDs
> (on NSS) to keep services working. Not only for files ownership, but
> also for some other services. Yeah, that's complex... If I undestand
> well, the best way to do is to join the server using "net ads join"
> and use nss_winbind. This what I do but I only use the NSS LDAP
> backend instead of NSS (to keep correct ownership). This will be
> cleaned in the future (within next migration steps) but for now I
> think I have no other choice beacause it seems I cannot obtain unix
> IDs through Winbind on a domain member (or maybe I missed the
> solution??). 

If you have users in AD and if you examine a typical users object in AD
and have something like this:

uidNumber: 10000

Then yes, I would say that you have missed the solution, this is from a
Unix domain member using the winbind 'ad' backend:

getent passwd rowland
rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash
Notice this |

I wonder where that comes from ?
Oh I know 'uidNumber: 10000' ;-)

I think your problem may be a very common one, the 'Domain Users' group
in AD hasn't got a gidNumber attribute, if it has, then you haven't set
smb.conf up correctly, in which case post your smb.conf


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba