Hello, After provisioning a domain (with rfc2307 attributes), what are the next steps to enable S4 winbind to use these attributes? I have one server configured to get user info from AD via LDAP, and with the proper mappings, getent passwd reports the uid, gid, shell, etc that I have specified in AD. However, when using winbind for authentication, getent passwd reports incorrect (generated?) info for these attributes. I've tried adding: idmap config DOMAIN:backend = ad idmap config DOMAIN:schema_mode = rfc2307 and several other 'idmap config DOMAIN' and 'winbind xxx' options to no avail. Can anyone provide suggestions on how to get this working? Thank you.
From: Thomas Simmons <twsnnva at gmail.com> Date: Sat, 15 Dec 2012 22:11:00 -0500> After provisioning a domain (with rfc2307 attributes), what are the next > steps to enable S4 winbind to use these attributes?As far as I know, winbind on S4 DC cannot use this attribute. This setting affects only S4 domain member. You may manually set these attributes on S4 DC with the script: http://lists.samba.org/archive/samba-technical/2012-November/089119.html --- TAKAHASHI Motonobu <monyo at monyo.com>
After recompiling --with-shared-modules=idmap_ad, my S4 member also works. It made no difference on the DC. On Mon, Dec 17, 2012 at 11:19 AM, Thomas Simmons <twsnnva at gmail.com> wrote:> I got 3.6.10 working! > > I had to recompile with: > > --with-shared-modules=idmap_ad >