Re: [Samba] Upgraded to 4.8 - forced to use winbindd - retro how to missing?
- Date: Tue, 13 Nov 2018 14:37:36 +0000
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Upgraded to 4.8 - forced to use winbindd - retro how to missing?
On Tue, 13 Nov 2018 09:21:14 -0500
Richard Bollinger <rabollinger@xxxxxxxxx> wrote:
> Prior to 4.8, without winbind in the picture, a windows user named
> "rab", for instance, could be authenticated by AD, but would assume
> the identity of the Unix user "rab", with all of his Unix defined
> Of course, this is not full emulation of a Windows server experience,
> but nonetheless it is the behavior we wanted and worked well in our
> environment where every AD user who needed access to a Unix server
> had a corresponding Unix ID assigned with that user's uid, gids,
> identical on all the Unix servers.
> That is the "legacy" behavior we desire. Is it still possible to
> achieve it with the current version of Samba?
No and why would you want to ?
Doing it your way means that you have to maintain the users & groups in
two places, a total anathema to AD.
Just set up the Unix domain member correctly and your Windows users &
groups become Unix users & groups, all of them if you use the winbind
'rid' backend, or, if you use the 'ad' backend, just the ones you give
a uidNumber or gidNumber attribute.
If you don't want to do this (and I fail to see why you wouldn't want
to), then leave the domain, and set the Samba server up as a standalone
To unsubscribe from this list go to the following URL and read the