search for: cojoin

...y > You also have 'unix password sync = Yes', you should remove this, you cannot > have users in /etc/passwd and AD. Actually, as far as a base statement, you can have both, that is, the idea of a username in Windows AD and the same username in /etc/passwd. The namespaces are not cojoined. However, that doesn't mean "unix password sync" is ok. I don't know enough about the assumptions being made inside of samba with regards to that. Note, having the same username in the two namespaces can cause some ambiguity. As simply reporting a username doesn't ident...

OK for the DC. I noticed that converting users and groups to sid with the example below seems to work fine: # wbinfo -n DOMAIN\\user S-1-5-21-948789634-15155995-928725530-6864 SID_USER (1) # wbinfo -n DOMAIN\\group S-1-5-21-948789634-15155995-928725530-11178 SID_DOM_GROUP (2) However, applications using PAM and winbind seem to fail when trying to convert to sid. For instance, just to name one,