Samba/winbind 到 AD - 使用者標識映射

伙計們，我從我的 AD 中遇到了 UID 映射問題。

我得到了 Centos 5.5 x64 盒子和 AD witk 2k8 Windows Server。

問題在於使用者名映射。例子：

getent passwd XF-DEV+prouser01:*:16777231:16777230:Prouserf Prousern:/home/prouser01:/bin/bash

我的 smb.conf 是

   log file = /var/log/samba/log.%m
   log level = 1
   workgroup = XF-DEV
   password server = xf-dev
   realm = XF-DEV
   security = DOMAIN
   wins server  = 10.105.59.98
   idmap uid = 16777216-33554431
   idmap gid = 16777216-33554431
   winbind enum users = yes
   winbind enum groups = yes
   winbind separator = +
   template shell = /bin/bash
   winbind use default domain = no
   winbind enum users = yes
   winbind enum groups = yes
   template homedir = /home/%U
   domain master = no
   local master = yes
   preferred master = no
   dns proxy = no

有沒有可能我會做su - prouser01而不是su - XF-DEV+prouser01？

wbinfo -u和的輸出wbinfo -g是相同的（我的意思是前面有域`。

解決方法是更改 winbind use default domain = no​​為winbind use default domain = yes

prouser01:*:16777231:16777230:Prouserf Prousern:/home/prouser01:/bin/bash

引用自：https://serverfault.com/questions/514138