On 04/02/2010 15:00, Gaiseric Vandal wrote:
On 02/04/10 04:07, Liam Gretton wrote:
What I've done to get round this is to use the ldap backend for
winbind, and create the mappings myself. This seems to work perfectly
well but I can't believe there's not a means within winbind to use the
account username to look up UIDs from an existing range.
It looks like from the Samba how to documentation that you might want to
use the RID backend- which would use the Active Directory to store the
IDMAP info instead of a standalone LDAP server.
As I understand it, that will just derive a new UID from the RID. I need
winbind to use existing UIDs. Also, writing anything back to the AD is
probably out of the question in our environment.
Also, MS Services for Unix uses relies on unix attributes - I don't
think it has to expand the schema when installed. But if you install it
it may give you the option to tweak the uid.
Installing SFU isn't an option, unfortunately.
I would want to point out that under Sun's Samba 3.0.3x release I have
had a lot of problems with domain trusts with a Windows 2003 server
(mixed mode) and the idmapping cache- even with idmapping in LDAP. The
PDC and one BDC are running 3.0.3x. I have a 2nd BDC running Samba
3.4.x (compiled from source) which seems to handle this a lot better.
I've only been testing so far but haven't encountered any problems yet
with 3.0.34 and 3.0.37. Doesn't mean I won't at some point though!
--
Liam Gretton [email protected]
HPC Architect http://www.le.ac.uk/its/
IT Services Tel: +44 (0)116 2522254
University Of Leicester, University Road
Leicestershire LE1 7RH, United Kingdom
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
