Am 25.01.2012 11:49, schrieb Victor Sudakov:
Lukas wrote:
Colleagues, please respond. Have I asked something too unconventional
or something too trivial?
idmap backend = nss ??
Its man page is very scarce. Is it supposed to work at all? Do you have any
experience with it?
root@fs02-sibptus:~# id zimaev uid=3237(zimaev) gid=2000(user)
groups=2000(user),2012(budget),3134(pto),2011(ntd)
root@fs02-sibptus:~# wbinfo -n zimaev
S-1-5-21-839522115-2139871995-725345543-1618 User (1)
root@fs02-sibptus:~# wbinfo -i zimaev
Could not get info for user zimaev
root@fs02-sibptus:~#
what gives?
what do you have in smb.conf defined for security?
(general portion of smb.conf)
[global]
workgroup = SIBPTUS
wins server = 10.14.134.1 10.14.134.4
security = domain
idmap backend = nss
idmap uid = 1000-1999999
idmap gid = 1000-1999999
template shell = /bin/bash
winbind use default domain = Yes
allow trusted domains = Yes
To me it seems, since you have security = domain, samba will try to
authenticate4 always to the domain controller.
Therefore: wbinfo -i zimaev will not return something valid, unless you
prepend the user with the domain (wbinfo -i DOMAIN\zimaev don't forget
to map the backslash with a second one DOMAIN\\zimaev) :-)
More about how that works with the security:
http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#SECURITY
The idmap backend = nss just tells samba, where to store the mapping
informations from AD- versus *nix-Users.
that's about what I know of... :)
hope it can hint you to where you'd like to go ...
L.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
