Web lists-archives.com

Re: [Samba] samba 4 joining samba 3 pdc - group mismatch




On Wed, 2 May 2018 19:21:46 -0300
"Ethy H. Brito" <ethy.brito@xxxxxxxxxxxx> wrote:

This is where it is all going wrong, Your PDC isn't using LDAP, so
you will have to rely on the winbind 'rid' backend. The lines below are
wrong in several ways:

>    idmap uid = 100000-200000
>    idmap gid = 100000-200000
>    idmap cache time = 60
>    idmap config *:range = 100000-200000
>    idmap config *:backend = rid

'idmap uid' & 'idmap gid' are deprecated, you should use the 'idmap
config' lines
The ranges overlap
You cannot use the 'rid' backend with the '*' domain
You will never get the same IDs on the PDC and Unix domain member (this
isn't really a problem)

Try it like this:

   idmap config *:range = 3000-7999
   idmap config *:backend = tdb
   idmap config PEGASE:range = 100000-200000
   idmap config PEGASE:backend = rid

I feel I should also warn you that Microsoft is making it harder &
harder to use Windows with an NT4-style domain, you really should
consider upgrading to AD.

Rowland


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba