samba - Jul 2011 - Samba and Active Directory 2008

I was wondering if anyone has had any luck getting samba working with a
Windows 2008 domain? I've got mine working for the most part except for UID
lookups. I've got identity management for unix installed on on the windows
box and have several users configured with custom home directories, login
shell, and UID on the Unix attributes tab. My samba server is joined to the
domain, wbinfo -u and -g both provide a list of users and groups. When i run
getent passwd i get a list of local users and domain users. With the domain
users it pulls the home directory and login shell just fine from active
directory, but i cant get it to pull the UID.

I've got it setup and working using RID, which is ok, but we would rather
get it working with the UID. I'm using samba version 3.5.4 and here is a
copy of the global settings

workgroup=test
realm=pizza.com
security=ads
password server = password-server.pizza.com
idmap uid = 10000 - 20000
idmap guid = 10000 - 20000
idmap backend = rid:pizza.com=10000-20000
winbind use default domain = yes
winbind enum users = yes
winbind refresh tickets = yes
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
restrict anonymous = 2
winbind nss info = rfc2307
client ldap sasl wrapping = sign

Any help would be greatly appreciated.

Thanks

Keith

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/11/2011 10:09 AM, Keith wrote:
> I was wondering if anyone has had any luck getting samba working with a
> Windows 2008 domain? I've got mine working for the most part except for
UID
> lookups. I've got identity management for unix installed on on the
windows
> box and have several users configured with custom home directories, login
> shell, and UID on the Unix attributes tab. My samba server is joined to the
> domain, wbinfo -u and -g both provide a list of users and groups. When i
run
> getent passwd i get a list of local users and domain users. With the domain
> users it pulls the home directory and login shell just fine from active
> directory, but i cant get it to pull the UID.
> 
> I've got it setup and working using RID, which is ok, but we would
rather
> get it working with the UID. I'm using samba version 3.5.4 and here is
a
> copy of the global settings
> 
> workgroup=test
> realm=pizza.com
> security=ads
> password server = password-server.pizza.com
> idmap uid = 10000 - 20000
> idmap guid = 10000 - 20000
> idmap backend = rid:pizza.com=10000-20000
> winbind use default domain = yes
> winbind enum users = yes
> winbind refresh tickets = yes
> client use spnego = yes
> client ntlmv2 auth = yes
> encrypt passwords = yes
> restrict anonymous = 2
> winbind nss info = rfc2307
> client ldap sasl wrapping = sign
> 
> Any help would be greatly appreciated.
> 
> Thanks
> 
> Keith
Have you also edited your /etc/nsswitch.conf file to pull those entries
properly?  You should at least have it looking like below:

       passwd:         compat winbind
       group:          compat winbind
       shadow:         compat


- -- 
________

Robert Freeman-Day

https://launchpad.net/~presgas
GPG Public Key:
http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0xBA9DF9ED3E4C7D36
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk4bEVYACgkQup357T5MfTbSqQCcDtAAg1/PR4mc4Q5urgUoOcP4
LCEAn10m5/LFF/Ttvu/13OGYUvD3AbOM
=zDL1
-----END PGP SIGNATURE-----