Re: [Samba] wbinfo not resolving SID to username
- Date: Mon, 2 Jul 2018 14:36:57 +0200
- From: "Ing. Claudio Nicora via samba" <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] wbinfo not resolving SID to username
you should remove 'winbind' from the shadow line, it isn't required.
Ok. This is the first Samba DC I'm playing with and I like to check
everything before putting it into production.
That is all perfectly normal on a Samba AD DC. The only way to get all
users and groups mapped to names, is to use uidNumber & gidNumber
attributes for all users & groups. This is NOT recommended on a DC,
this is because of sysvol, where some groups have also to be users to
own things. This is done in idmap.ldb where groups are mapped to
ID_TYPE_BOTH, if you give the wrong group a gidNumber, it will become
just a group and a group cannot own anything on Linux.
Just as an aside, I think you will find that 'sysvol' is mostly empty,
you will need to sync it from the DC you joined this one to. Rowland
I've replicated sysvol with robocopy (from the Windows) and configured a
task to keep things in sync till the Windows DC will be demoted.
What about the strange chars in getfacl output? They seem like escape
"default:group:BUILTIN\134administrators:rwx" should read
Is there something wrong here?
To unsubscribe from this list go to the following URL and read the