2017-08-30 16:15 GMT+02:00 mathias dufresne <infractory at gmail.com>:> > > 2017-08-30 16:05 GMT+02:00 Rowland Penny via samba <samba at lists.samba.org> > : > >> On Wed, 30 Aug 2017 15:01:05 +0200 >> "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote: >> >> > Small addition. >> > >> > > have in a users AD object is uidNumber. You can set the shell >> > > and unix homedir via template lines in smb.conf. >> > > The 'Domain Users' group must have a gidNumber attribute. >> > > >> > >> > No, the primary group, which is set for the user, must have a >> > gidNumber. But preffered "Domain Users" >> >> Well yes, but unless you are running Samba 4.6.x and have set up >> smb.conf to use other groups, then the primary group will be Domain >> Users, unless you are a computer and then it is Domain Computers ;-) >> > > Does that means winbind do not honor gidNumber? >Damned, that's true, winbind does not honor gidNumber :/> > >> >> Rowland >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > >
On Wed, 30 Aug 2017 16:20:49 +0200 mathias dufresne <infractory at gmail.com> wrote:> 2017-08-30 16:15 GMT+02:00 mathias dufresne <infractory at gmail.com>: > > > > > > > 2017-08-30 16:05 GMT+02:00 Rowland Penny via samba > > <samba at lists.samba.org> : > > > >> On Wed, 30 Aug 2017 15:01:05 +0200 > >> "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote: > >> > >> > Small addition. > >> > > >> > > have in a users AD object is uidNumber. You can set the shell > >> > > and unix homedir via template lines in smb.conf. > >> > > The 'Domain Users' group must have a gidNumber attribute. > >> > > > >> > > >> > No, the primary group, which is set for the user, must have a > >> > gidNumber. But preffered "Domain Users" > >> > >> Well yes, but unless you are running Samba 4.6.x and have set up > >> smb.conf to use other groups, then the primary group will be Domain > >> Users, unless you are a computer and then it is Domain > >> Computers ;-) > >> > > > > Does that means winbind do not honor gidNumber? > > > > Damned, that's true, winbind does not honor gidNumber :/ >It does, if you use Samba 4.6.x and add 'idmap config SAMDOM:unix_primary_group = yes' Rowland
2017-08-30 16:29 GMT+02:00 Rowland Penny via samba <samba at lists.samba.org>:> On Wed, 30 Aug 2017 16:20:49 +0200 > mathias dufresne <infractory at gmail.com> wrote: > > > 2017-08-30 16:15 GMT+02:00 mathias dufresne <infractory at gmail.com>: > > > > > > > > > > > 2017-08-30 16:05 GMT+02:00 Rowland Penny via samba > > > <samba at lists.samba.org> : > > > > > >> On Wed, 30 Aug 2017 15:01:05 +0200 > > >> "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote: > > >> > > >> > Small addition. > > >> > > > >> > > have in a users AD object is uidNumber. You can set the shell > > >> > > and unix homedir via template lines in smb.conf. > > >> > > The 'Domain Users' group must have a gidNumber attribute. > > >> > > > > >> > > > >> > No, the primary group, which is set for the user, must have a > > >> > gidNumber. But preffered "Domain Users" > > >> > > >> Well yes, but unless you are running Samba 4.6.x and have set up > > >> smb.conf to use other groups, then the primary group will be Domain > > >> Users, unless you are a computer and then it is Domain > > >> Computers ;-) > > >> > > > > > > Does that means winbind do not honor gidNumber? > > > > > > > Damned, that's true, winbind does not honor gidNumber :/ > > > > It does, if you use Samba 4.6.x and add 'idmap config > SAMDOM:unix_primary_group = yes' > >Oh! Thank you for the news and and thanks to Samba dev to added that feature : )> Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >