Marco Gaiarin
2022-Jan-12 18:23 UTC
[Samba] pam_winbind, ssh and cross-forest membership...
Mandi! Rowland Penny via samba In chel di` si favelave...>> Forgot to say: 'winbind use default domain = Yes'. > Then remove it, you cannot use it with multiple domains.Rowland, Andrew some month ago here say that now 'winbind use default domain Yes' works as expected, eg in a multidomain/forest environment, permit to not add the 'defauklt0 domain. Clearly i've tried to use also the domainful version, with the same result. Simply i'm no able to have listed with 'id SUBA\a' the foreig domains; if i add 'winbind expand groups = 5' i can list users in foreign group, but not the converse. -- Se Darl McBride [il presidente di SCO] ne fosse incaricato, probabilmente renderebbe anticostituzionale anche il matrimonio, poich? chiaramente attenua la normale natura commerciale dell'interazione umana ed ? probabilmente un ostacolo importante alla crescita commerciale della prostituzione. Linus Torvalds
Rowland Penny
2022-Jan-12 18:51 UTC
[Samba] pam_winbind, ssh and cross-forest membership...
On Wed, 2022-01-12 at 19:23 +0100, Marco Gaiarin via samba wrote:> Mandi! Rowland Penny via samba > In chel di` si favelave... > > > > Forgot to say: 'winbind use default domain = Yes'. > > Then remove it, you cannot use it with multiple domains. > > Rowland, Andrew some month ago here say that now 'winbind use default > domain > Yes' works as expected, eg in a multidomain/forest environment, > permit to > not add the 'defauklt0 domain.Can you provide a link to where Andrew said this ? The smb.conf manpage still says this about 'windows use default domain': Users without a domain component are treated as is part of the winbindd server's own domain. And: This option should be avoided if possible. It can cause confusion about responsibilities for a user or group. Rowland