On Tue, Jul 16, 2013 at 01:16:02PM -0400, Matthew Daubenspeck wrote: > On Tue, Jul 16, 2013 at 05:22:14PM +0100, Rowland Penny wrote: > > Yes, you can use ADUC but you need to have provisioned samba4 with > > --use-rfc2307 > > You can also add the uidNumber & gidNumber with an ldif and ldapmodify > > or ldbmodify. Have a look here: > > [1]http://linuxcostablanca.blogspot.com.es/2012/02/samba-4-posix-domain > > -user.html > > Without the uidNumber & gidNumber, using the ad backend, Winbind will > > not display any users, with uidNumber & gidNumber, Winbind will only > > display the users & groups that have them. > > If you do not want to enter the uidNumber etc, have a look at sssd, > > this will do all that Winbind does without all the hassle. > > Rowland > > That must be the problem. The wiki had no mention of provisioning with > --use-rfc2307. I'll redo that and try again.
I re provisioned the whole works, rejoined the member server. Now in ADUC I can see the NIS domain name and UID, as well is being part of a primary group (after I created one). It works perfectly on the DC server, but still nothing seems to propagate to the member server. DC: # id testuser uid=10001(NWLTECH\testuser) gid=100(users) groups=100(users) Member: # id testuser id: testuser: no such user I've turned the log level to 3, and the only error I see is: [2013/07/16 14:37:05.757568, 1] ../source3/winbindd/idmap_ad.c:653(idmap_ad_sids_to_unixids) Could not get unix ID for SID S-1-5-21-1953420892-2023128348-2744795462-513 And the SIDs change as I query for different users... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
