search for: stalewski

Hello list. The issue I have is that with the changes made to the idmap functionality of winbind, as regards the enumeration of rfc2307 users and groups using getent passwd and getent group, only those AD users that are not in the domains included in the "idmap config (domain)" statements (the ones in trusted domains that get their ID mappings auto-assigned by the TDB backend with

I ran some tests to see why getent passwd was not enumerating my domain users and discovered this: If I getent passwd <username> it returns the user information including the primary group defined in the Unix attributes. If I add a Unix GID in the idmap config range to the domain's Domain Users group and getent passwd, it returns all of my domain users with all of the Unix attributes as

Greetings, I have had Samba/Winbind/Kerberos single-sign-on authentication working for a few years now, for a single domain, and it works great. It pulls the RFC2307 populated attributes just like you'd expect, and people get the IDs mapped according to their attributes in AD. This works for version 3.2.7 and 3.4.3. I had to give the domain's Domain Users group a gid in the range of

I have the following configuration: SuSE Linux Enterprise 11, X86_64 Packages installed with SLES11 or updated from SLES update repo: Samba 3.2.7-11.20.1 MIT Kerberos 5 1.6.3-133.33.1 OpenLDAP 2.4.12-7.18.1 Cyrus SASL 2.1.22-182.20.1 Have one server set up joined to AD (Win2K3 R2) domain as a member server, based primarily on scottlowe's blog instructions. Trying to get a 2nd SLES11

Samba Team, I have posted this issue before but it seems to have gotten "lost in the storm." I have several Linux servers set up to authenticate users using AD credentials. The one server that actually works right is running Samba 3.2.7. The presence of RFC2307 attributes in the user object, in conjunction with a UID in the range set in smb.conf determines whether the user enumerates,