[Samba] Samba4 Using AD/UNIX attributes for home directory and shell not possible?

2013-08-13 Thread Markus Gillmeister
Steve, thanks a lot, I finally got sssd (version 1.8.4) on debian wheezy
working with samba 4 (Version 4.0.8-SerNet-Debian-5.wheezy)!

But one last question regarding Unix attributes in the AD remains: I noticed
that uidnumber/gid... is not written back to the Active Directory when
creating a user or group. I set idmap_ldb:use rfc2307 = yes in my
smb.conf, but it seems that samba-tool is ignoring this. Is this a bug?

At http://linuxcostablanca.blogspot.com.es/2013/04/sssd-in-samba-40.html I
see a script that wraps around samba-tool when creating a user. After
creating the user, it asks winbind for the uid/gid and writes this information
back to AD. This seems fine as a workaround, but it would be nice if samba-tool
did this out of the box, wouldn't it?





-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
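
The workaround described in the message above (create the user, ask winbind for the uid/gid, write them back to AD), sketched as an added example; it is not part of the original post and not the script from the linked blog. The sam.ldb path, the CN=Users location of new accounts and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not the linked blog's script). Assumptions: sam.ldb path,
# new users land in CN=Users, and winbind on this host resolves the account.
SAM_LDB="${SAM_LDB:-/var/lib/samba/private/sam.ldb}"  # assumption: adjust to your install
BASE_DN="${BASE_DN:-DC=shadow,DC=local}"              # matches the thread's realm SHADOW.LOCAL

# Emit the LDIF that stores the winbind-allocated ids as RFC 2307 attributes.
# Input is validated first so a crafted name cannot alter the DN or inject
# extra LDIF lines (for example a second uidNumber).
rfc2307_ldif() {
    user=$1 uidn=$2 gidn=$3
    case $user in ''|*[!A-Za-z0-9._-]*) echo "bad user name" >&2; return 1 ;; esac
    case $uidn in ''|*[!0-9]*) echo "bad uid" >&2; return 1 ;; esac
    case $gidn in ''|*[!0-9]*) echo "bad gid" >&2; return 1 ;; esac
    printf 'dn: CN=%s,CN=Users,%s\n' "$user" "$BASE_DN"
    printf 'changetype: modify\n'
    printf 'add: uidNumber\nuidNumber: %s\n' "$uidn"
    printf '%s\n' '-'
    printf 'add: gidNumber\ngidNumber: %s\n' "$gidn"
}

# Create the user, read the ids winbind allocated, write them back to AD.
add_user_with_ids() {
    user=$1
    samba-tool user add "$user" || return 1   # prompts for the new password
    # wbinfo -i prints a passwd-style line; fields 3 and 4 are uid and gid.
    # Depending on winbind settings the name may need the DOMAIN\user form.
    ids=$(wbinfo -i "$user" | cut -d: -f3,4)
    ldif=$(rfc2307_ldif "$user" "${ids%%:*}" "${ids#*:}") || return 1
    printf '%s\n' "$ldif" | ldbmodify -H "$SAM_LDB"
}

# Run only when a user name is given on the command line.
if [ $# -gt 0 ]; then
    add_user_with_ids "$1"
fi
```

Afterwards, the uidNumber and gidNumber values on the account should match what `wbinfo -i` reported for it.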


[Samba] Samba4 Using AD/UNIX attributes for home directory and shell not possible?

2013-08-12 Thread Markus Gillmeister
Hi,

while googling around I already suspected that using winbind and samba4 is
not a perfect solution.

I tried to set up sssd on my Debian wheezy machine but I'm not able to get a
running setup:

When starting up sssd the following errors appear:

(Mon Aug 12 09:57:43 2013) [sssd[be[shadow.local]]] [setup_child] (0x0010): Could not verify keytab
(Mon Aug 12 09:57:43 2013) [sssd[be[shadow.local]]] [load_backend_module] (0x0010): Error (2) in module (ldap) initialization (sssm_ldap_id_init)!
(Mon Aug 12 09:57:43 2013) [sssd[be[shadow.local]]] [be_process_init] (0x0010): fatal error initializing data providers
(Mon Aug 12 09:57:43 2013) [sssd[be[shadow.local]]] [main] (0x0010): Could not initialize backend [2]


My /etc/sssd/sssd.conf looks like:

[sssd]
config_file_version = 2
domains = shadow.local
services = nss, pam
debug_level = 7

[nss]

[pam]

[domain/shadow.local]
cache_credentials = true
id_provider = ldap
auth_provider = krb5
chpass_provider = krb5
access_provider = ldap

krb5_realm = SHADOW.LOCAL

ldap_referrals = false
ldap_sasl_mech = GSSAPI
ldap_schema = rfc2307bis
ldap_access_order = expire
ldap_account_expire_policy = ad
ldap_force_upper_case_realm = true
ldap_user_object_class = user
ldap_user_name = sAMAccountName
ldap_user_home_directory = unixHomeDirectory
ldap_user_principal = userPrincipalName
ldap_group_object_class = group
ldap_group_name = sAMAccountName


The sssd version on Debian wheezy is 1.8.4. Any ideas what's wrong?

Best Regards
Markus
 



[Samba] Samba4 Using AD/UNIX attributes for home directory and shell not possible?

2013-08-10 Thread Markus Gillmeister
Hi,

I would like to use the attributes in AD for home directory
(homeDirectory) and the login shell (loginShell) for users logging in via
ssh to a Linux box.

I added the following parameters in the global section of
/etc/samba/smb.conf:
   winbind nss info = rfc2307
   idmap_ldb:use rfc2307 = yes

Also I set the attributes for a test-user (called tim) with some values.

But when calling getent passwd I got the following result:
...
SHADOW\tim:*:317:100:Tim Testinger:/home/SHADOW/tim:/bin/false

So it seems that winbind is ignoring AD attributes. Is this a bug or did I
misconfigure my samba installation?

Best Regards
Markus
