[Samba] winbind on server have different UIDs on each Member Server

William Antonin antonin at geovariances.com
Fri May 23 02:56:56 MDT 2014 

Hello

I have a big problem.

I'm in labs situation with  2 domain controllers DC1,DC2 samba 4 (Ubuntu
14.04) in different networks and each of them have a client (Ubuntu 12.04).



When I want to get  uid/gid, I use "wbinfo –i user" and I get the same
results on each clients if they have the same configuration. It's ok for
client.



But when I install winbind on servers (Ubuntu 14.04), just to be able to
use the wbinfo command, I can use "wbinfo –i name" but on my 2 DCs I get a
not expected result for the uid/gid. It seems that the idmap mapping is not
interpreted.



Here is my smb.conf excerpt and the results on a client and a server:



Excerpt smb.conf of server

Global parameters

[global]

                workgroup = PREVERT

                realm = PREVERT.LAN

                netbios name = DCFR

                server role = active directory domain controller

                server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbind, ntp_signd, kcc, dnsupdate

                idmap_ldb:use rfc2307 = yes

                winbind nss info = rfc2307



[netlogon]

                path = /var/lib/samba/sysvol/prevert.lan/scripts

                read only = No



[sysvol]

                path = /var/lib/samba/sysvol

                read only = No



Excerpt smb.conf of client

[global]

; Basic server settings

  workgroup = PREVERT

  realm = PREVERT.LAN

  smb ports = 139



  log file = /var/log/samba/%m.log

  max log size = 1024



; security options

  ;hosts allow = 10.1.1. 127.0.0.1

  security = ADS

  null passwords = no

  password server = dcfr.prevert.lan

  encrypt passwords = yes

  guest ok = no

  invalid users = root bin daemon named sys tty disk mem kmem users sshd



  idmap config PREVERT:backend = rid

  idmap config PREVERT:schema_mode = rfc2307

  idmap config PREVERT:range = 10000-19999

  idmap config PREVERT:read only = yes



  winbind nss info = rfc2307





  winbind uid = 60000-70000

  winbind use default domain = Yes

  winbind enum users = Yes

  winbind enum groups = Yes





  wins server = dcfr.prevert.lan





  inherit acls = Yes







  template homedir = /home/%U

  template shell = /bin/false













Wbinfo –I bob sur client

bob:*:11106:10513:bob:/machine1/home/bob:/bin/sh

Wbinfo –I guy sur server

PREVERT\bob:*:10000:10000::/home/PREVERT/bob:/bin/false


Someone can help me, please.

More information about the samba mailing list