samba 4 idmap problem

Taylor, Jonn jonnt at
Thu Oct 7 09:51:45 MDT 2010

  Thank for your replay. I will try the RID stuff and see how it goes.


On 10/07/2010 12:42 AM, Kai Blin wrote:
> Hash: SHA1
> On 2010-10-06 17:35, Taylor, Jonn wrote:
>>   Seems that each system is making up it own id's. Both the centos and
>> fedora systems have the same idmap settings.
>>     idmap uid = 3000000-4000000
>>     idmap gid = 3000000-4000000
> That means you're not setting an idmap backend, so this defaults to
> "tdb" on the 3.5 boxes. In turn, this means that all three systems are
> creating id mappings on an as-needed basis, creating uids and gids in
> the order of the users/groups that request ids.
> Unless you use some scheme that keeps the unixids in sync across the
> network, you'll always be seeing this. Possible solutions include using
> the "rid" backend to idmap, which will add the sid's RID part to the
> idmap base. If you only have users coming in from one domain, that
> should be fine for the 3.5 boxes.
> The Samba4 idmap implementation is less sophisticated and only knows
> about the "tdb"-like counting up unixids. Nothing much that can be done
> about this right now. We're currently investigating the most viable way
> to fix this.
> Cheers,
> Kai
> - -- 
> Kai Blin
> Worldforge developer
> Wine developer
> Samba team member
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla -
> O00An1YSpVBmRzYCePySJHZr0xdw3ua8
> =0Bmi

More information about the samba-technical mailing list