Now that I know what to look for I found the relevant page https://wiki.samba.org/index.php/Idmap_config_ad On Tue, Jan 30, 2018 at 11:28 AM, Jeff Sadowski <jeff.sadowski@xxxxxxxxx> wrote: > Andreas Schneider: helped me fix the issue. > Seems there was a flag I was missing from my smb.conf file that is > needed in fedora. > I needed the line > > idmap config SUBDOMAIN:unix_nss_info = yes > > added to my smb.conf > > On Fri, Jan 26, 2018 at 12:48 PM, Jeff Sadowski <jeff.sadowski@xxxxxxxxx> wrote: >> On Thu, Jan 25, 2018 at 11:33 PM, Jeff Sadowski <jeff.sadowski@xxxxxxxxx> wrote: >>> On Thu, Jan 25, 2018 at 11:31 PM, Jeff Sadowski <jeff.sadowski@xxxxxxxxx> wrote: >>>> On Wed, Jan 24, 2018 at 7:03 PM, Jeff Sadowski <jeff.sadowski@xxxxxxxxx> wrote: >>>>> On Wed, Jan 24, 2018 at 4:36 PM, Patrick O'Callaghan >>>>> <pocallaghan@xxxxxxxxx> wrote: >>>>>> On Wed, 2018-01-24 at 16:25 -0700, Jeff Sadowski wrote: >>>>>>> My AD has the rfc2307 flags to provide home directories and shells. >>>>>>> The ubuntu 16.04 and centos 6.9 correctly get the AD flags for the >>>>>>> home directory and shells. >>>>>> >>>>>> [Please don't top-post, it makes threads hard to follow] >>>>>> >>>>>> I'm no Samba expert but I recently had an issue which required some >>>>>> SElinux configuration to fix. If you have SElinux enabled, take a look >>>>>> at https://linux.die.net/man/8/samba_selinux >>>>>> >>>>> SeLinux is disabled for now. If I get it working I'll try to reenable it. >>>>> >>>>>> poc >>>>>> _______________________________________________ >>>>>> users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx >>>>>> To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>> >>>> It is as if windbind was build without support for rfc2307 or winbind >>>> is using some other file other than /etc/samba/smb.conf. >>>> >>>> I am suspecting the later because of some issues when I run authconfig >>>> with different templates then replace smb.conf >>>> the templates I had set with authconfig show up with >>>> [root@fedora27 ~]# getent passwd jefftest >>>> even though smb.conf doesn't have those templates. >>> >>> I am replacing smb.conf with the one I list above. >> >> Another thing I notice is that >> [root@fedora27 ~]# getent passwd jefftest >> returns the same info with winbind stopped. >> which is odd. >> Where is getent getting the user from? >> >> I edited /etc/nsswitch.conf to look as follows >> >> passwd: files winbind >> shadow: files >> group: files winbind >> hosts: files mdns4_minimal [NOTFOUND=return] nis dns myhostname >> bootparams: nisplus [NOTFOUND=return] files >> ethers: files >> netmasks: files >> networks: files >> protocols: files >> rpc: files >> services: files >> netgroup: files >> publickey: nisplus >> automount: files >> aliases: files nisplus _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
