On Thu, 2013-09-05 at 19:45 +0100, Tris Mabbs wrote: > 5. Are you *absolutely* sure that your idmap back-ends are doing what you > thought?
Here's another few cents: What you are describing is almost certainly mismatched gidNumbers. Depending on where the SID to GID mapping came from it will be different. Most certainly not what you want. So: Avoid anything other than the ad backend like the plague. Add gidNumber to the DN of the group and uidNumber and gidNumber to the DN of the user. Use sssd to pull that info from AD on _anything_ unix be it the DC, the file server or a solaris/linux client. HTH Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
