Am unable to pull user defined UID and GID Attributed from Active Directory. According to the directive idmap_ad should support it. ?? smb.conf workgroup = Domain realm = Domain.com security = ads kerberos method = secrets and keytab winbind offline logon = true idmap config Domain : unix_nss_info = yes idmap config Domain : unix_primary_group = yes idmap config Domain : backend = ad idmap config Domain : schema_mode = rfc2307 idmap config Domain : range = 9999999990000-199999 log file = /var/log/samba/log.%m max log size = 50 log level = 10 winbind refresh tickets = Yes winbind enum users = yes winbind enum groups = yes
samba-python-4.4.4-14.el7_3.x86_64 samba-pidl-4.4.4-14.el7_3.noarch samba-libs-4.4.4-14.el7_3.x86_64 samba-winbind-krb5-locator-4.4.4-14.el7_3.x86_64 samba-winbind-4.4.4-14.el7_3.x86_64 samba-krb5-printing-4.4.4-14.el7_3.x86_64 samba-common-4.4.4-14.el7_3.noarch samba-common-libs-4.4.4-14.el7_3.x86_64 samba-client-4.4.4-14.el7_3.x86_64 samba-winbind-clients-4.4.4-14.el7_3.x86_64 samba-test-libs-4.4.4-14.el7_3.x86_64 samba-devel-4.4.4-14.el7_3.x86_64 samba-common-tools-4.4.4-14.el7_3.x86_64 samba-4.4.4-14.el7_3.x86_64 samba-vfs-glusterfs-4.4.4-14.el7_3.x86_64 samba-client-libs-4.4.4-14.el7_3.x86_64 samba-winbind-modules-4.4.4-14.el7_3.x86_64 samba-dc-libs-4.4.4-14.el7_3.x86_64 samba-dc-4.4.4-14.el7_3.x86_64 samba-test-4.4.4-14.el7_3.x86_64
Here is the directive want to leverage? https://wiki.samba.org/index.php/Idmap_config_ad
Can you upload all winbind logs (log.w*) after setting "debug level = 10" and restarting winbind? Thanks, Volker
(In reply to Richard from comment #3) idmap config Domain : range = 9999999990000-199999 looks invalid...
This is not a bug User was using Samba 4.4.4, but the 'idmap config' lines were for Samba >= 4.6.0, also, as Metz pointed out, the range was invalid. There were also no default domain '*' 'idmap config' lines