On Mon, Feb 2, 2009 at 6:31 PM, Glenn Machin <gmachin@sandia.gov>
wrote:>
> I have a samba server running on a Linux RHEL5 system. The system uses
> nss_ldap and gets passwd and group information from a non-windows ldap
> server. The smb.conf file is using security=ads and spnego in order to
> user Kerberos tickets rather than ntlmv2.
>
> I have done a net ads join, and the authentication is working fine, however
> when I try to set an ACL on a file from a windows client using an group
> defined in Active Directory I get messages talking about not being able to
> map the SID to a uid.
>
> I don't want to use winbind for authentication.
>
> So how to you map SID to uid and SID to gid?
>
>
Do you have idmap configured?
John