Hello Can someone please explain what is the difference between the rid and ad backends in smb.conf? Many thanks -------- Original Message -------- Subject: samba Digest, Vol 148, Issue 27 Date: Wed, 22 Apr 2015 12:00:05 -0600 From: samba-request at lists.samba.org Reply-To: samba at lists.samba.org To: samba at lists.samba.org Send samba mailing list submissions to samba at lists.samba.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.samba.org/mailman/listinfo/samba or, via email, send a message with subject or body 'help' to samba-request at lists.samba.org You can reach the person managing the list at samba-owner at lists.samba.org When replying, please edit your Subject line so it is more specific than "Re: Contents of samba digest..."
On 30/04/15 14:52, Yanni wrote:> Hello > > Can someone please explain what is the difference between the rid and > ad backends in smb.conf? > > Many thanks > >To use the 'ad' backend on a member server, your users need to have a 'uidNumber' attribute in AD and Domain Users (at least) needs to have a gidNumber attribute in AD. These numbers need to be inside the range you set in smb.conf. The 'rid' backend does not require anything in AD, the ID numbers are calculated for you, using an algorithm based on the range you set in smb.conf. More info here: https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server Rowland
Hello Yanni, Am 30.04.2015 um 15:52 schrieb Yanni:> Can someone please explain what is the difference between the rid and ad > backends in smb.conf?Rowland already gave some information. Just an advantage, that makes me like RFC2307 more than RID backend: RFC2307 allows you to define homeDirectory and shells per user central in AD. This means you have /bin/ksh, because you like it, your collegue has /bin/bash, your boss /bin/csh and all other users /bin/nologin. If you use RID backend, then you can only have one shell for users on each server (see smb.conf: template shell) and you have to ensure on other ways, that e. g. normal users can't login via SSH. RFC2307 is a bit more administration work during user creation, but makes life more flexible later, while RID backend doesn't require anything else than to define it once in your smb.conf, but is more static with per server defined values. Regards, Marc
Hi Marc Thank you. I now understand the difference. My plan is to create a samba file server in order to store user profiles and also keep things as simple as possible. I will not have users logging into different servers with different shells. , so I think ADS is not the best option in my case. From your explanation I'm in favour of RID backend as it seems more stable because of the static setup. Rowland thank you also for your reply. Yanni On 04/05/15 19:23, Marc Muehlfeld wrote:> Hello Yanni, > > Am 30.04.2015 um 15:52 schrieb Yanni: >> Can someone please explain what is the difference between the rid and ad >> backends in smb.conf? > Rowland already gave some information. > > > Just an advantage, that makes me like RFC2307 more than RID backend: > RFC2307 allows you to define homeDirectory and shells per user central > in AD. This means you have /bin/ksh, because you like it, your collegue > has /bin/bash, your boss /bin/csh and all other users /bin/nologin. If > you use RID backend, then you can only have one shell for users on each > server (see smb.conf: template shell) and you have to ensure on other > ways, that e. g. normal users can't login via SSH. > > RFC2307 is a bit more administration work during user creation, but > makes life more flexible later, while RID backend doesn't require > anything else than to define it once in your smb.conf, but is more > static with per server defined values. > > > Regards, > Marc
> so I think ADS is not the best option in my case. > From your explanation I'm in favour of RID backend as it seems more >stable because of the static setup.Your best options is : Use ADS, with backend RID. If you have 1 DC and (or 1 extra member server ) than RID is you best option, no hassle uid/gid and RFC2307 things.. but beware if you do things on linux.. than you can need uid/gids.. 1 example, you cant share the user homedirs on differented server with rid.. because the by rid generated uid/gid wil be different per server. If you want to use more server, then we advice you to use the AD backend. Gr. Louis>-----Oorspronkelijk bericht----- >Van: y.goudetsidis at mail.cryst.bbk.ac.uk >[mailto:samba-bounces at lists.samba.org] Namens Yanni >Verzonden: dinsdag 5 mei 2015 11:55 >Aan: Marc Muehlfeld; samba at lists.samba.org >Onderwerp: [Samba] rid and ad backends differences > >Hi Marc > >Thank you. I now understand the difference. >My plan is to create a samba file server in order to store >user profiles >and also keep things as simple as possible. >I will not have users logging into different servers with different >shells. , so I think ADS is not the best option in my case. > From your explanation I'm in favour of RID backend as it seems more >stable because of the static setup. > >Rowland thank you also for your reply. >Yanni > > >On 04/05/15 19:23, Marc Muehlfeld wrote: >> Hello Yanni, >> >> Am 30.04.2015 um 15:52 schrieb Yanni: >>> Can someone please explain what is the difference between >the rid and ad >>> backends in smb.conf? >> Rowland already gave some information. >> >> >> Just an advantage, that makes me like RFC2307 more than RID backend: >> RFC2307 allows you to define homeDirectory and shells per >user central >> in AD. This means you have /bin/ksh, because you like it, >your collegue >> has /bin/bash, your boss /bin/csh and all other users >/bin/nologin. If >> you use RID backend, then you can only have one shell for >users on each>> server (see smb.conf: template shell) and you have to ensure on other >> ways, that e. g. normal users can't login via SSH.>> >> RFC2307 is a bit more administration work during user creation, but >> makes life more flexible later, while RID backend doesn't require >> anything else than to define it once in your smb.conf, but is more >> static with per server defined values. >> >> >> Regards, >> Marc > >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba > >
Apparently Analagous Threads
- rid and ad backends differences
- can't start csh (scripts) (PR#8220)
- you have been logged on with a temporary profile_win7 client+samba 4+WinServ2012
- Can only access new SAMBA fileshare from Windows as privileged user SAMDOM/Administrator, not as an ordinary user.
- getent and wbinfo not returning expected results?