Displaying 4 results from an estimated 4 matches for "300000xx".
Did you mean:
30000xx
2015 Oct 09
2
Samba AD PDC , LDAP and Single-Sign-On
...in user in the AD, wbinfo gives:
$ wbinfo -i mark
HPRS\mark:*:3000026:100:Mark Foley:/home/HPRS/mark:/bin/false
Main question: what should the range settings be in my client smb.conf? Or, are
these really bad GID/UIDs to use and I should change them?
Background: why do I have these GID(100) UIDs(300000xx)? The answer is that I
created domain users on the AD via RSAT > Active Directory Users and Computers.
These are apparently the GID and UID range assigned by default. The ADUC >
username > properties > Unix Attributes, UID and GID fields are blank, so I
guess 100:30000xx are picked by d...
2015 Oct 09
0
Samba AD PDC , LDAP and Single-Sign-On
...are
> these really bad GID/UIDs to use and I should change them?
See the smb.conf on the member server wiki page, just be aware that you
can use the same range for users and groups i.e. the uidNumber 10000 is
not the same as gidNumber 10000
> Background: why do I have these GID(100) UIDs(300000xx)? The answer is that I
> created domain users on the AD via RSAT > Active Directory Users and Computers.
> These are apparently the GID and UID range assigned by default. The ADUC >
> username > properties > Unix Attributes, UID and GID fields are blank, so I
> guess 100:300...
2015 Oct 10
2
Samba AD PDC , LDAP and Single-Sign-On
...rstand
AD authentication (well, dovecot might via the LDAP mechanism, but I've not been
able to get that to work after many months of trying). So, sendmail, via
procmail and .procmailrc, delivers mail to the user's Maildir folder in their
home directories -- which are all owned by e.g. 100:300000xx -- from where
Dovecot picks them up for delivery to Outlook and other email clients.
Furthermore, since this AD/DC server is acting as a SBS replacement, the
/redirectedFolders/User/username files and directories are also owned by their
respective users' GID:UID.
So, I *could* change ownershi...
2015 Oct 08
2
Samba AD PDC , LDAP and Single-Sign-On
On Thu, 08 Oct 2015 21:52 Rowland Penny wrote:
> What you cannot do is use GPO's like windows does, everything else is
> possible, you just need to setup the clients correctly.
Excellent! I've been messing around with GPOs on Windows AD domains for years,
more extensively this past year with Samba4 AD/DC and I absolutely hate them.
In my opinion they are yet another attempt by