Hi Thomas, greeting to all readers, > Is there something I miss or is this to be considered a bug? > > If this is the problem I am thinking of, I originally noticed it in > 4.0.0. I believe Andrew provided a patch, however I don't need this in > my production environment and only stumbled onto the issue while testing > something else, so I don't know if what I'm referring to was fixed in > later releases. I'll see if I can find the thread and bug shortly. >
I remember a thread which was about winbind ignoring objects without posixAccount/posixGroup OCs. The conclusion was to change winbind to not ignore them. But, actually, shouldn't S4 in DC mode really add them? Or is ADUC the culprit here? I didn't check out yet how recent Samba 3.6 winbind behaves as a member here. When I tried against 4.0.0 I ended up using Wireshark to analyse LDAP traffic and figured RFC2307 attrs weren't returned by the LDAP server although requested by winbind, whereas they WERE returned to Apache Directory Studio at the same time - logged in as [email protected]; a permission issue I guess. Is this a known issue? I blamed it to poor provisioning (without RFC2307 in the beginning) that day. Will try again this part later this weekend. At the moment, I'm working on a script that adds Unix Attributes automatically to all relevant users (i.e. all that winbind shows on a member. Btw. I would love to have a way to filter them, because most groups I won't ever need and they're gonna make things look complicated on the Unix side. Does anybody know anything about this?). Andreas -- Andreas Gaiser, Berlin, Germany -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
