Re: [Samba] Samba 4.4.16 %g translation fails for some users

On Fri, 5 Jan 2018 16:47:37 +0000
Daulton Theodore <DaultonTheodore@xxxxxxxxxxxxxxxxx> wrote:

> Hi Rowland,
> Thanks for your feedback. 
> It turned out that a few of our users had unix names in /etc/passwd
> that matched the AD names for other staff. I've changed the unix
> names to make them distinct and mapped the new account to the correct
> AD user via the username map option.

You don't map AD users to Unix users in the username map any more, this
is old school ;-)

All you need to do is set up libnss_winbind and then use the winbind
backend of your choice, 'ad' if you want the same ID on all Unix domain
machines, or 'rid' if you do not want to add anything to AD

You should not have AD users in /etc/passwd, even with another name,
there should only be local Unix users in /etc/passwd.


