Web lists-archives.com

Re: [Samba] [Curiosity] Default domain, DC and DM...




On Fri, 10 Nov 2017 17:32:37 +0100
Marco Gaiarin via samba <samba@xxxxxxxxxxxxxxx> wrote:

> 
> In my DC, without setting explicitly a 'winbind default domain', i can
> check logins domainless:
> 
> 	root@vdcsv1:~# id gaio
> 	uid=10000(LNFFVG\gaio) gid=10513(LNFFVG\domain users)
> gruppi=10513(LNFFVG\domain
> users),11001(LNFFVG\sir),10999(LNFFVG\unixadm),3000008(LNFFVG\domain
> admins),3000005(LNFFVG\denied rodc password replication
> group),3000005(LNFFVG\denied rodc password replication
> group),3000009(BUILTIN\users),3000000(BUILTIN\administrators)
> 
> in my DM, no, i've to explicitly set the domain:
> 
> 	root@vdmsv1:~# id gaio
> 	id: gaio: no such user
> 	root@vdmsv1:~# id LNFFVG\\gaio
> 	uid=10000(gaio) gid=10513(domain users) gruppi=10513(domain
> users),11001(sir),10999(unixadm),5001(BUILTIN\users),5000(BUILTIN\administrators)
> 
> 
> but if i set 'winbind use default domain = yes':
> 
> 	root@vdmsv1:~# id gaio
> 	uid=10000(gaio) gid=10513(domain users) gruppi=10513(domain
> users),11001(sir),10999(unixadm),5001(BUILTIN\users),5000(BUILTIN\administrators)
> 
> 
> Why?!
> 

Because the code on a DC is different from the code on a Unix domain
member ;-)

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba