Web lists-archives.com

Re: [Samba] Samba 4.3.13 logon oddity on Solaris 10

On Tue, 19 Jun 2018 13:07:56 +0200
Bernd Markgraf <bernd.markgraf@xxxxxxxxxxx> wrote:

> On Tue, 2018-06-19 at 11:04 +0100, Rowland Penny via samba-technical
> wrote:
> > On Tue, 19 Jun 2018 11:12:11 +0200
> > Bernd Markgraf via samba-technical <samba-technical@xxxxxxxxxxxxxxx>
> > wrote:
> > 
> > > Hi,
> > > 
> > > I just finished building Samba 4.3.13 on a Solaris 10 box and
> > > successfully joined it to a domain. DC is Samba 4.3.13 on FreeBSD.
> > > The OS itself uses LDAP+Kerberos to authenticate users on the Unix
> > > level and that works just fine.
> > 
> > Why are you using LDAP for authentication on a Unix domain member ?
> Because it just works and is straightforward to set up and things like
> ldaplist&co work. Until I resolved the open issue I'll just leave
> things as they are.

Yes, but its not working, is it, not at first anyway. Samba expects to
use winbind and it is only half set up.
> One thing I forgot to mention in the previous mail - once logged into
> a share files are indeed created with the correct owner/uidnumber as
> stored in the user's LDAP record.

What LDAP record ? You said the DC was a Samba AD DC, so I take it you
are referring to the users AD object. The only place I would use
something like nslcd (I take it this is what you are using) is on a DC
and only then to obtain the users homedir and shell from AD.
You have to run winbind, so why not use it fully ?


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba