On Thu, Jun 26, 2008 at 09:25:41AM -0400, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Aiko Barz wrote:
> > Hi,
> >
> > what is the GID of an Active Directory user?
> >
> > a) Is it the GID, you can see within the Active Directory UNIX Tab?
>
> Set "winbind nss info = {sfu,rfc2307}" depending on your supported
> schemaidmap domains = DOMAIN idmap config DOMAIN:backend = ad idmap config DOMAIN:default = yes idmap config DOMAIN:range = 0-1000000 ; I know, it's a bad thing idmap config DOMAIN:schema_mode = rfc2307 winbind enum users = Yes winbind cache time = 86400 winbind enum groups = Yes winbind nss info = rfc2307 ;winbind trusted domains only = yes ;winbind nested groups = yes winbind use default domain = Yes ; winbind normalize names = yes > > b) Is it the GID of the primary windows group? > > This is the default behavior. How do I switch this behavior? Sometimes "getent passwd $USER" and "getent passwd | grep $USER" are showing different GIDs. (nscd is not installed.) Removing the GID from primary windows group does not seem to be an option, because of this hard dependency here: https://bugzilla.samba.org/show_bug.cgi?id=3546 So long, Aiko -- :wq ✉
signature.asc
Description: Digital signature
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
