Displaying 4 results from an estimated 4 matches for "mssfu30".
2016 Nov 21
2
Use of gidNumber attribute in user entry
...nis-domain:
>
> Correct
>
>
> > > ERROR: Both --gid-number and --nis-domain have to be set for a
> > RFC2307-enabled group. Operation cancelled.
> >
> > What value should I put for nis-domain? Just the workgroup name?
> > AFAICS it ends up in the "msSFU30NisDomain" attribute but I don't
> > know what this is used for, or why it's mandatory.
>
> It was added because this is what ADUC does when adding Unix attributes.
>
Microsoft AD emulates NIS+ (ex Yellow Pages). NIS are organised in domains.
For that they added some upd...
2005 Oct 29
1
winbind capabilities
...currently using NIS for directory/authenitication services, and all
users (2000+) have existing UIDs/GIDs that need to be maintained (due to
being spread out all over the place; we don't think we could do any kind
of controlled migration of this data, etc). Our directory schema
already has the msSFU30 schema added.
I've done extensive research, and it seems my options are:
1) implement services for unix on a windows server
2) use straight LDAP auth (LDAP NSS, LDAP pam)
3) use LDAP in NSS and kerb in pam
4) use LDAP in NSS and winbind in pam
>From what I undrestand, there is no feesable...
2009 Jul 17
0
Help with configuration of winbind and idmap backend = ad
...system with
Samba/NFS).
All users on my network have AD accounts. Only about 25% of those users
also have UNIX accounts. They have the same username. I installed SFU on
our domain controllers and ran a script against our NIS and
automatically populated all Windows users with UNIX accounts with the
msSFU30* information from NIS.
Now the problem I'm having. I can start winbind, but "getent passwd"
won't reveal any information from Active Directory. I have set the
winbind and idmap debug level to 10, and I see entries like this in
winbind.log:
[2009/07/16 16:01:15, 10] winbindd/idma...
2016 Nov 21
2
Use of gidNumber attribute in user entry
...gid-number for the group it rejects the request unless I
also pass in a --nis-domain:
> ERROR: Both --gid-number and --nis-domain have to be set for a
RFC2307-enabled group. Operation cancelled.
What value should I put for nis-domain? Just the workgroup name? AFAICS
it ends up in the "msSFU30NisDomain" attribute but I don't know what
this is used for, or why it's mandatory.
(3) It's traditional in Unix circles to have a primary group per user
with the same name as the user, as this makes it feasible to use umask
0002 and easy file sharing. Does this approach have t...