Winbind Stuff
By Tony Hoyle
Winbind stuff
I’m not going to go into how to setup a machine with winbind, becuase it involves writing smb.conf and judging by the sites I visited doing this, the syntax changes rapidly enough that anything I write will be obsolete in 6 months.
Instead I’ll just point you at the source:
- https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
- https://wiki.samba.org/index.php/Idmap_config_ad
Things I found whilst adding a server this way - bearing in mind I’m using RFC2307 throughout not rid:
- It’s mandatory to give ‘Domain Users’ a uid. If you don’t, commands will fail with wierd errors like ‘domain not found’.
- It will also add a bunch of BUILTIN/xx groups. This cannot be disabled..
- rfc2307 has a range filter. It’s mandatory but it can be set to 0-99999 and that mimics sssd behaviour.
- If you forget the idmap config * section it’ll fail with random errors.
- If you’re on debian 12 it’s really recommended to upgrade to testing as there are some fixes (same for the samba4 DC).