samba - Mar 2021 - Understanding ID mapping between a campus AD and a local LDAP

This is encouraging! I'm going to try again with

winbind use default domain = no

and see if it works. If it doesn't I'll send some shell logs and Samba
logs.

~jonathon

________________________________________
From: samba <samba-bounces at lists.samba.org> on behalf of Christian
Naumer via samba <samba at lists.samba.org>
Sent: Tuesday, March 23, 2021 2:43 PM
To: samba at lists.samba.org
Subject: Re: [Samba] Understanding ID mapping between a campus AD and a local
LDAP



Am 23.03.21 um 18:50 schrieb Jonathon A Anderson via
samba:
> # idmap config AD : backend  = nss
> # idmap config AD : range = 1000-20000000
The idmap nss should actually do what you want to do. Are your ldap
users known to the system?

does "id username" produce an output you would expect from your LDAP
server?

The the idmap_nss backend should map users (from LDAP) with the same
name to the user from AD. I had this running a long time ago but I cant
find my notes on this.

Regards

Christian

--
Dr. Christian Naumer
Vice President
Unit Head Bioprocess Development

B.R.A.I.N Aktiengesellschaft
Darmstaedter Str. 34-36, D-64673 Zwingenberg
e-mail cn at brain-biotech.com, homepage www.brain-biotech.com
phone +49-6251-9331-30 / fax +49-6251-9331-11

Sitz der Gesellschaft: Zwingenberg/Bergstrasse
Registergericht AG Darmstadt, HRB 24758
Vorstand: Adriaan Moelker (Vorstandsvorsitzender),
Lukas Linnig
Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

On 23/03/2021 21:02, Jonathon A Anderson via samba
wrote:
> This is encouraging! I'm going to try again with
>
> winbind use default domain = no
>
> and see if it works. If it doesn't I'll send some shell logs and
Samba logs.
>
> ~jonathon
>
don't forget to add the 'idmap config *' lines as well.

Rowland