这是我当前的设置:我们有 2 个域,分别名为 TEST1 和 TEST2。
TEST1 域是成功集成我的 Linux 客户端的默认域。
但是必须从另一个名为 TEST2 的受信任域接收用户和组凭据。
必须从 TEST2 AD 服务器获取 UID(uidNumber)和 GID。以下是smb.conf
文件内容。
[global]
workgroup = TEST1
realm = TEST1.LOCAL
netbios name = LIN01
security = ads
winbind offline logon = no
allow trusted domains = yes
winbind enum users = no
winbind enum groups = no
winbind use default domain = yes
template home dir = /home/%U
template shell = /bin/bash
idmap config * : backend = tdb
idmap config * : range = 2000000-2999999
idmap config TEST2 : backend = ad
idmap config TEST2 : schema_mode = rfc2307
idmap config TEST2 : range = 1000-1999999
winbind nss info = rfc2307
# wbinfo -i TEST2\\user2
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user TEST2\user2
# wbinfo -i TEST1\\user1
user1:*:2000000:2000004:user1:/home/user1:/bin/bash