[Samba] AD and Linux UID/GID best practices.
Sven Schwedas
sven.schwedas at tao.at
Tue Feb 18 05:24:43 MST 2014
On 2014-02-18 13:03, Chan Min Wai wrote:
> On Tue, Feb 18, 2014 at 6:37 PM, Sven Schwedas <sven.schwedas at tao.at
> <mailto:sven.schwedas at tao.at>> wrote:
>
> Hi,
>
> On 2014-02-18 10:39, Chan Min Wai wrote:
> > Dear All,
> >
> > I've some question.
> >
> > When I create new users/groups in AD DC. It seem that I still need
> to add UID and GID in unix attribute.
> >
> > Possible my setup on rfc2370.
> > So I would like to check if there is any other way to do this
> without configuring UID and GID?
>
> Short answer: No.
>
> Long answer: Most certainly no, unless you don't need an AD in the first
> place. If you're using neither Winbind nor SSSD and authenticate with
> some hacked together LDAP adapter it might work, but you'll probably get
> different UIDs/GIDs on different machines, which will create problems
> sooner or later, and isn't half as reliable for authentication.
>
> >
> > Thank you.
> >
> > Regards,
> > Chan Min Wai
> >
>
> --
> Mit freundlichen Grüßen, / Best Regards,
> Sven Schwedas
> Systemadministrator
> TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
> Mail/XMPP: sven.schwedas at tao.at <mailto:sven.schwedas at tao.at> | +43
> (0)680 301 7167 <tel:%2B43%20%280%29680%20301%207167>
> http://software.tao.at
>
>
> Hi Sven
>
> Can we directly use the SID from samba (by removing the rfc2370 in this
> case)
> Oh we must have GID and UID setup manually(I meant at lease need to add)
As far as I know, yes, GID and UID have to be allocated explicitly. SIDs
are used internally by Samba, but there's no stable mapping algorithm.
>
> Thank you.
>
--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167
http://software.tao.at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20140218/ee1022d7/attachment.pgp>
More information about the samba
mailing list