Complete new user here. Setting up my first samba configuration, using
samba 4.0.6 as a primary domain controller. I have user profiles, network
shares, active directory, and domain controller working. But I cannot
understand how to map windows userid to linux userid (and map groupid as
well). I am struggling because much of the documentation is outdated and
meant for samba 3.x or targeted for samba as a domain member. I followed
some documentation to try the userid mapping through active directory, but
that required Microsoft services for Unix 3.5, which will not install on 64-bit
versions of MS. I find myself without any orientation of how to proceed.
I am suffering from documentation overload, much of it contradictory or not
applicable. I am not even sure how to use winbind, or if that is required
for my situation. I really need a simple step-by-step howto that is
specific to samba 4 as a PDC. If you want to reference documentation,
great, but please reference specific sections instead of whole general
chapters. Any help greatly appreciated. Thank you.
Configuration information follows:
Server
--------------------------------
OS: OpenSuSE 12.1, 64 bit
Samba: Samba 4.0.6
Configuration: Primary domain controller with active directory support
Using BIND 9 DNS server
--------------------------------
Client
--------------------------------
OS: Windows 7 Professional, 64 bit
--------------------------------
Samba configuration file
--------------------------------
# Global parameters
[global]
workgroup = MYDOMAIN
realm = MYDOMAIN.ORG
netbios name = SERVER
wins support = Yes
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate
encrypt passwords = yes
# Setup user maps
idmap config * : backend = tdb
idmap config * : range = 100000-199999
idmap config MYDOMAIN : backend = ad
idmap config MYDOMAIN : schema_mode = rfc2307
idmap config MYDOMAIN : range = 50000-99999
winbind nss info = rfc2307
winbind trusted domains only = No
winbind use default domain = Yes
winbind enum users = Yes
winbind enum groups = Yes
# Logon path tells samba where to put Windows roaming profiles
logon path = \\%h\profiles\%u
# Logon home is used to specify home directory and
# Windows 95/98/ME roaming profile location
logon home = \\%h\%u\.win_profiles
# Allow Samba to send correct time to windows
time server = Yes
# Set logging options
log file = /var/log/samba/log.odeon
# Shares configurations follows. Not included for brevity . . .
--------------------------------