[Samba] Issues post AD migration
Rowland Penny
rpenny at samba.org
Fri Apr 13 12:26:24 UTC 2018
On Fri, 13 Apr 2018 11:50:55 +0000
Praveen Ghimire <PGhimire at sundata.com.au> wrote:
> Hi Rowland,
>
> The group was in /etc/group and LDAP. Post the AD migration, the
> group didn’t show up in AD. We then added the group in AD, will check
> if it has a gid number. If AD doesn’t have gid, can I remove the
> group /etc/group and assign it the same gid in AD?
>
> The group in question was one of many which had the same issue, hence
> the question about importing missed groups in AD
>
First things first, you cannot have users or groups in /etc/passwd
or /etc/group and in AD. To be an AD user or group, they must exist
only in AD.
If you have groups in /etc/group that didn't make it to your AD, then
this probably because they were mapped to other domain groups.
If you need these groups in AD, then you will have to create them in AD
manually, but you will very probaly have to remove them from /etc/group
first. You can use the gidNumber from /etc/group when creating the
group in AD.
As far as Samba AD is concerned, you only need uidNumber & gidNumber
attributes if anything is stored on a Unix machine, windows will ignore
them.
Rowland
More information about the samba
mailing list