Web lists-archives.com

Re: [Samba] sometimes users fails to login




On Tue, 12 Mar 2019 12:01:08 +0100
Andrea Cucciarre' <acucciarre@xxxxxxxxxxxx> wrote:

> The OS is OmniOS, the DC is Windows Server (not sure about the
> release), and below the smb.conf.
> I have also noted that they have more trusted domains, but since they 
> configured ad idmap only for one domain, then all the other domains
> use tdb idmap

They really should set up the trusted domains

> 
> [global]
> client ldap sasl wrapping = plain
> dedicated keytab file = /etc/krb5.keytab
> disable spoolss = yes
> host msdfs = no
> idmap config * : backend = tdb
> idmap config * : range = 30000-40000
> idmap config * : schema_mode = rfc2307
> idmap config BITINTRA : backend = ad
> idmap config BITINTRA : range = 10000-3001000

Anybody else spot the obvious mistake ?

The '*' & 'BITINTRA' ranges should not overlap.
Never mind overlap, the '*' range fits inside the 'BITINTRA' range.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba