Comment # 15
on bug 1202141
from robert spitzenpfeil
Leap 15.4 / 15.2 (and TW) work _after_ making a modification to the
auto-generated /etc/samba/smb.conf file (as previously documented on here
somewhere). I don't remember where I got these edits from anymore.
These edits are _the same_ for Leap 15.2 / 15.4 and TW
I have to replace the section:
[global]
workgroup = ADS
passdb backend = tdbsam
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = No
> idmap config * : backend = tdb
> idmap config * : range = 10000-20000
> idmap config ads : backend = rid
> idmap config ads : range = 20001-99999
kerberos method = secrets and keytab
realm = ADS.XXX.XXX
security = ADS
template homedir = /home/%D/%U
template shell = /bin/bash
winbind refresh tickets = yes
with
[global]
workgroup = ADS
passdb backend = tdbsam
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = No
> idmap gid = 10000-20000
> idmap uid = 10000-20000
kerberos method = secrets and keytab
realm = ADS.XXX.XXX
security = ADS
template homedir = /home/%D/%U
template shell = /bin/bash
winbind refresh tickets = yes
This may be related to our AD setup, but I can't make any comments on why.
getent passwd / group only shows local stuff. "id" shows correct group
membership for AD users (after the mod).