winbind id 映射问题
winbind id mapping issue
我已经将 SLES 15 sp 2 服务器集成到 Windows 2019 AD server.I 可以使用 Linux systems.However uid/gid 中的广告用户 ID 登录未反映在 ad.We 已为 ad user/group 属性级别的用户设置 uid(例如:uid->8000)、gid、登录 shell 和主目录。这是 smb.conf 文件
# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
[global]
workgroup = abcde5
usershare allow guests = YES
idmap config * : backend = tdb
idmap config * : range = 5000000-5999999
idmap config ABC : backend = ad
idmap config ABC : range = 1000-99999
idmap config ABC : schema_mode = rfc2307
idmap config ABC : unix_nss_info = yes
kerberos method = secrets and keytab
realm = ABC.DE5.CORP
security = ADS
template homedir = /home/%U
template shell = /bin/bash
winbind offline logon = yes
winbind use default domain = yes
winbind refresh tickets = yes
log file = /var/log/samba/%m.log
log level = 1
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
de5pw04:/etc/samba # id de5group1u1
uid=5000000(de5group1u1) gid=5000000(域用户) groups=5000000(域用户),5000001(de5group1)
de5pwd04:/etc/samba#
de5pwd04:/etc/samba # wbinfo -V
Version 4.11.14-git.313.d4e302805e14.32.1-SUSE-oS15.0-x86_64
de5pwd04:/etc/samba #
请告诉我,如何为用户
将广告 uid/gid 设置为 Linux 系统
如果您的工作组是 'ABCDE5',那么您的 'idmap config ABC' 行是错误的,它们应该是 'idmap config ABCDE5'。这导致您的用户和群组被放入“*”域。
我已经将 SLES 15 sp 2 服务器集成到 Windows 2019 AD server.I 可以使用 Linux systems.However uid/gid 中的广告用户 ID 登录未反映在 ad.We 已为 ad user/group 属性级别的用户设置 uid(例如:uid->8000)、gid、登录 shell 和主目录。这是 smb.conf 文件
# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
[global]
workgroup = abcde5
usershare allow guests = YES
idmap config * : backend = tdb
idmap config * : range = 5000000-5999999
idmap config ABC : backend = ad
idmap config ABC : range = 1000-99999
idmap config ABC : schema_mode = rfc2307
idmap config ABC : unix_nss_info = yes
kerberos method = secrets and keytab
realm = ABC.DE5.CORP
security = ADS
template homedir = /home/%U
template shell = /bin/bash
winbind offline logon = yes
winbind use default domain = yes
winbind refresh tickets = yes
log file = /var/log/samba/%m.log
log level = 1
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
de5pw04:/etc/samba # id de5group1u1
uid=5000000(de5group1u1) gid=5000000(域用户) groups=5000000(域用户),5000001(de5group1) de5pwd04:/etc/samba#
de5pwd04:/etc/samba # wbinfo -V
Version 4.11.14-git.313.d4e302805e14.32.1-SUSE-oS15.0-x86_64
de5pwd04:/etc/samba #
请告诉我,如何为用户
将广告 uid/gid 设置为 Linux 系统如果您的工作组是 'ABCDE5',那么您的 'idmap config ABC' 行是错误的,它们应该是 'idmap config ABCDE5'。这导致您的用户和群组被放入“*”域。