[gpfsug-discuss] Question concerning integration of CES with AD authentication system
Jonathan Buzzard
jonathan.buzzard at strath.ac.uk
Thu May 24 15:46:32 BST 2018
On Thu, 2018-05-24 at 14:16 +0000, Skylar Thompson wrote:
> I haven't needed to change the LDAP attributes that CES uses, but I
> do see --user-id-attrib in the mmuserauth documentation.
> Unfortunately, I don't see an equivalent one for gidNumber.
>
Is it not doing the "Samba thing" where your GID is the GID of your
primary Active Directory group? This is usually "Domain Users" but not
always.
Basically Samba ignores the separate GID field in RFC2307bis, so one
imagines the options for changing the LDAP attributes are none
existent.
I know back in the day this had me stumped for a while because unless
you assign a GID number to the users primary group then Winbind does
not return anything, aka a "getent passwd" on the user fails.
JAB.
--
Jonathan A. Buzzard Tel: +44141-5483420
HPC System Administrator, ARCHIE-WeSt.
University of Strathclyde, John Anderson Building, Glasgow. G4 0NG
More information about the gpfsug-discuss
mailing list