Re: [Samba] [INTERNET] Re: Samba 4 DC - idmap config on a samba 4 member server

Thu, 21 Feb 2013 03:32:09 -0800 

Hello
I test your solution but if "getent" return all users and groups (AD + local), all have the same UID/GID. Strange ... 


This morning I commented idmap config DDCS67:range = 500-40000 and it 
works !! ADs users/groups


   idmap config *:backend = tdb
   idmap config *:range = 70000-79999
   idmap config DDCS67:backend = ad
   idmap config DDCS67:schema_mode = rfc2307
   #idmap config DDCS67:range = 500-40000

   winbind nss info = rfc2307
   winbind trusted domains only = no
   winbind use default domain = Yes
   winbind enum users  = yes
   winbind enum groups = yes

user1:*:70001:70001:user1l:/data/individuel/DDCS67/user1:/bin/false
user2:*:70002:70001:user2:/data/individuel/DDCS67/user2:/bin/false
user3:*:70011:70001:user3:/data/individuel/DDCS67/user3:/bin/false
administrator:*:70003:70001:Administrator:/data/individuel/DDCS67/administrator:/bin/false
user4:*:70004:70001:user4:/data/individuel/DDCS67/user4:/bin/false
user5:*:70005:70001:user5:/data/individuel/DDCS67/user5:/bin/false

It's good but I don't understand why

Franck


Le 21/02/2013 08:21, "> Hervé Hénoch (par Internet)" a écrit :

Hello Franck


I had the same problem. When I removed "config" in the two lines, 
getent group worked.


idmap config *:backend = tdb
idmap config *:range = 70001-80000


For the role of idmap you can read : 
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html


Regards


Le 20/02/2013 21:39, BOTZ Franck (Informaticien) - DDT 67/SG/MGI/CI a 
écrit :

Without idmap line, it work too.

[global]

workgroup = DDCS
security = ADS
realm = DDCS.LOCAL
encrypt passwords = yes

# idmap config *:backend = tdb
# idmap config *:range = 70001-80000
# idmap config DDCS:backend = ad
# idmap config DDCS:schema_mode = rfc2307
# idmap config DDCS:range = 500-40000

winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes

What is the really role of idmap's line ?

I have of to miss something



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba





















					Reply via email to