On Tue, 2013-07-23 at 11:25 +0200, steve wrote: > On Tue, 2013-07-23 at 10:05 +0100, Jonathan Buzzard wrote: > > > > > It's probably still not working for him because he needs to clear the > > now poluted cache/database that winbind has created from previous > > attempts. Using net cache flush might work. Personally I would stop > > samba delete the tdb files and start it again, redo the domain join and > > try it. > > Just thought about nscd too. On some distros it's default. . .
Another thought. The primary windows group of the account has to have unix attributes. For reasons I cannot fathom the gidNumber attribute of the account is not used by winbind and instead the primaryGroupID is used. If this group does not have a GID set then the lookup fails! I guess best practice is to keep the GID of the primaryGroupID and the gidNumber of the user the same but I don't understand why it is the way it is. JAB. -- Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk Fife, United Kingdom. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
