Sorry, yeah, I have munged it.
I did some further checking and found it works fine for the 1 user which
is on the home domain. It's users from other trusted domains which are a
CLDAP messages are getting rejected by the DCs, but Samba instead says
"DC not found". I've asked the domain admins if they can change the
client signing requirements on the trusted domain I need access to.
From: Doug VanLeuven [mailto:roamdad@xxxxxxxxx]
Sent: 03 April 2008 23:11
To: Naadir Jeewa
Subject: Re: [Samba] Winbind ignores idmap configuration (3.0.28a)
-----BEGIN PGP SIGNED MESSAGE-----
Naadir Jeewa wrote:
| After having my Samba server joined to a domain, I'm now having
| difficulties configuring winbind. I want to use the idmap_rid backend,
| and have recompiled Samba from scratch with the requisite rid.so
| However, no matter how "idmap domains / idmap config" is set up, it
| seems to get totally ignored. Here is my smb.conf:
| workgroup = DEPARTMENTDOMAIN
| server string = NAS Samba Server Version %v
| log file = /var/log/samba/log.%m
| max log size = 50
| security = ads
| realm = DEPARTMENTDOMAIN
Unless you munged this for the list, it should be the REALM which is (at
least in windows) usually the DNS domain.
If you set it to the workgroup name, that would be a reason it can't
find the DC.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
To unsubscribe from this list go to the following URL and read the