On 07/02/15 07:27, Jason Long wrote:> Thanks. > I removed likewiseopen and if you remember, I installed CentOS 7. > My AD not show any "uidNumber" or "gidNumber" and tell me "Not set". The problem is that I can't login to Linux via AD user and is it for "uidnumber" ? > > Tnx. > > > > On Wednesday, February 4, 2015 1:09 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: > On 04/02/15 06:11, Jason Long wrote: >> Thanks. >> You right, It tell me that "Uid not set", But is Uid my problem? I can't login to system with AD because of "uid"? If yes, Why I can login to system via Likewise ? >> >> > Firstly, please stop sending posts directly to me, send them to the > list, I am not your personal advisor ! > > You have been advised to remove likewiseopen, if you haven't done this > yet, please remove it, once it is removed, start giving your users a > uidNumber with the ADUC UNIX_Attributes tab, also give 'Domain Users' a > > gidNumber. > > Rowland >OK, you probably have something like this in smb.conf: idmap config EXAMPLE : backend = ad idmap config EXAMPLE : range = 10000-999999 idmap config EXAMPLE : schema_mode = rfc2307 Where 'EXAMPLE' will be your domain name and '10000-999999' is your range. If you do not want to add 'uidNumber' & 'gidNumber' attributes to AD, change the 3 lines to this: idmap config EXAMPLE : backend = rid idmap config EXAMPLE : range = 10000-999999 Restart samba services and the ID numbers will be allocated for you. Rowland
Thanks a lot. [root at printmah ~]# getent passwd jason jason:*:11303:10513:jason JASON:/home/JASONDOMAIN/jason:/bin/false But I can't login to Linux via AD username and it show me : Last login: Sun Feb 8 01:48:32 2015 Could not chdir to home directory /home/JASONDOMAIN/jason: No such file or directory I guess it can't create a Home directory for Each AD user. How can I solve it? Cheers. On Saturday, February 7, 2015 1:17 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: On 07/02/15 07:27, Jason Long wrote:> Thanks. > I removed likewiseopen and if you remember, I installed CentOS 7. > My AD not show any "uidNumber" or "gidNumber" and tell me "Not set". The problem is that I can't login to Linux via AD user and is it for "uidnumber" ? > > Tnx. > > > > On Wednesday, February 4, 2015 1:09 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: > On 04/02/15 06:11, Jason Long wrote: >> Thanks. >> You right, It tell me that "Uid not set", But is Uid my problem? I can't login to system with AD because of "uid"? If yes, Why I can login to system via Likewise ? >> >> > Firstly, please stop sending posts directly to me, send them to the > list, I am not your personal advisor ! > > You have been advised to remove likewiseopen, if you haven't done this > yet, please remove it, once it is removed, start giving your users a > uidNumber with the ADUC UNIX_Attributes tab, also give 'Domain Users' a > > gidNumber. > > Rowland >OK, you probably have something like this in smb.conf: idmap config EXAMPLE : backend = ad idmap config EXAMPLE : range = 10000-999999 idmap config EXAMPLE : schema_mode = rfc2307 Where 'EXAMPLE' will be your domain name and '10000-999999' is your range. If you do not want to add 'uidNumber' & 'gidNumber' attributes to AD, change the 3 lines to this: idmap config EXAMPLE : backend = rid idmap config EXAMPLE : range = 10000-999999 Restart samba services and the ID numbers will be allocated for you. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
On 08/02/15 06:51, Jason Long wrote:> Thanks a lot. > > [root at printmah ~]# getent passwd jason > jason:*:11303:10513:jason JASON:/home/JASONDOMAIN/jason:/bin/false > > But I can't login to Linux via AD username and it show me : > > > > Last login: Sun Feb 8 01:48:32 2015 > Could not chdir to home directory /home/JASONDOMAIN/jason: No such file or directory > > > > > I guess it can't create a Home directory for Each AD user. How can I solve it? > > > Cheers.You actually have a few problems there and you can fix them this way. Add this to smb.conf: template shell = /bin/sh template homedir = /home/%U restart samba Add this to /etc/pam.d/common-account: session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 and you should be able to login Rowland