 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Mon, Dec 6, 2010 at 9:39 AM, Norbert Schuehler <nschuehler-F76l3niPtDrUp2yKEfVny0EOCMrvLtNR at public.gmane.org> wrote: > Hi Scott, > > here is my smb.conf. ?With this I get the same UID on the local boxes for all my AD accounts. > > ns > > --------- > # Use the ADs RIDs to create unique Unix uids which are the same on all file servers > ? ? ? ?idmap backend = idmap_rid:<Your Kerberos Realm>=20000-1000000 > ? ? ? ?idmap uid = 20000-1000000 > ? ? ? ?idmap gid = 20000-1000000 > ? ? ? ?winbind use default domain = yes > ? ? ? ?winbind enum users = no > ? ? ? ?winbind enum groups = no > ? ? ? ?winbind nested groups = yes > --------- I spent about an hour or two playing with various configurations and options of idmap and winbind. Along the way, some testing revealed: getent passwd my_ad_account returned almost all appropriate values, but the uid and gid were both 10000, clearly not correct. wbinfo -n my_ad_account returned my correct sid (I think that was the wbinfo syntax used. In any event, whatever syntax I used for me returned the correct sid. So we know the system can see me - I just need the uid to be accurate. As an update, I need the uid to return the numeric portion of my ad_account username, so if I am se123456, I need the uid to return 123456, thus getent passwd would show se123456:x:123456:blah.... Thanks. Scott
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
