Geoffrey Scott
2006-Jan-13 02:31 UTC
[Samba] Winbind idmap_rid - no members in "domain users" .....
On my ADS member server it doesn't show any members of GUESTSHIRE\domain
users:x:5513: using getent group
Is this normal behavior? If not any ideas how do I fix it?
Out of curiosity I shutdown winbind and samba, deleted all *.tdb files (
except secrets) and restarted them. Same thing happens. There are no users
in there... But if I check in AD users and computers my users are all
members of "domain users"
This wouldn't have been where template primary group = "Domain
Users" was
useful would it? I know it has now been removed as an option, but would it
have fixed this problem in the past?
Global below:
[global]
workgroup = GUESTSHIRE
realm = GUESTSFURNITUREHIRE.COM.AU
server string = Guests_NSW File & Print server
security = ADS
allow trusted domains = No
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
printcap name = CUPS
addprinter command = /usr/local/bin/smbaddprinter.pl
panic action = /usr/share/samba/panic-action %d
idmap backend = idmap_rid:GUESTSHIRE=5000-1000000
idmap uid = 5000-1000000
idmap gid = 5000-1000000
template homedir = /home/%U
template shell = /bin/bash
winbind nested groups = Yes
printer admin = "@GUESTSHIRE\Domain Admins"
printing = cups
print command lpq command = %p
lprm command =
Gerald (Jerry) Carter
2006-Jan-13 02:43 UTC
[Samba] Winbind idmap_rid - no members in "domain users" .....
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Geoffrey Scott wrote:> On my ADS member server it doesn't show any members of GUESTSHIRE\domain > users:x:5513: using getent group > > Is this normal behavior? If not any ideas how do I fix it?Windows won't return that group without using ranged retrievals apparently. It's on our todo list.> This wouldn't have been where template primary group > = "Domain Users" was useful would it?Nope. No relation at all. cheers, jerry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFDx8qWIR7qMdg1EfYRAs2pAKCWbQSsPexGv9isAIHF68lFekNFhACeJ2w0 mjrr1MDZREzvbTcdj+3z38M=aAVi -----END PGP SIGNATURE-----
Apparently Analagous Threads
- AD member server setup with winbind idmap_rid - users prompted fo r password
- winbind without localuser account
- Annoying lpq commands appear after testparm
- XP SP2 - winlogon.exe crashes
- Does or doesn't vampiring users add them into multipl e groups at the same time?