Web lists-archives.com

Re: [Samba] idmaps, again




Am 21.03.19 um 19:54 schrieb Rowland Penny via samba:

> This is one of the decisions you have to make, do you want to have the
> same ID's everywhere, or just on Unix domain members ? 

We only have one Unix domain member aside from the DCs and that is the
samba file server.

> Do you want to
> set different login shells and/or different home directories ?

nope

the AD users don't do ssh or bash or so ... "only" file access and stuff
like login/logout and GPOs etc

(only I and the main admin there use ssh to the servers ...)

> If you want the same ID's everywhere and the ability to set different
> login shells/homedirectories for your users, then you must use the 'ad'
> backend, this does involve adding uidNumber attributes to the user
> objects. This is what the Unix Attributes tab used to do.
> 
> If none of the above applies, then you can use the 'rid' backend, this
> will give you the same ID's on all Unix domain members, but all users
> that connect to the computer will get the same login shell and
> homedirectory, you also will not have to add anything to AD.

And is it possible to change the backend from ad to rid with reasonable
effort?

thanks, Stefan

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba