samba 4 idmap problem
jonnt at taylortelephone.com
Thu Oct 7 09:51:45 MDT 2010
Thank for your replay. I will try the RID stuff and see how it goes.
On 10/07/2010 12:42 AM, Kai Blin wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On 2010-10-06 17:35, Taylor, Jonn wrote:
>> Seems that each system is making up it own id's. Both the centos and
>> fedora systems have the same idmap settings.
>> idmap uid = 3000000-4000000
>> idmap gid = 3000000-4000000
> That means you're not setting an idmap backend, so this defaults to
> "tdb" on the 3.5 boxes. In turn, this means that all three systems are
> creating id mappings on an as-needed basis, creating uids and gids in
> the order of the users/groups that request ids.
> Unless you use some scheme that keeps the unixids in sync across the
> network, you'll always be seeing this. Possible solutions include using
> the "rid" backend to idmap, which will add the sid's RID part to the
> idmap base. If you only have users coming in from one domain, that
> should be fine for the 3.5 boxes.
> The Samba4 idmap implementation is less sophisticated and only knows
> about the "tdb"-like counting up unixids. Nothing much that can be done
> about this right now. We're currently investigating the most viable way
> to fix this.
> - --
> Kai Blin
> Worldforge developer http://www.worldforge.org/
> Wine developer http://wiki.winehq.org/KaiBlin
> Samba team member http://www.samba.org/samba/team/
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> -----END PGP SIGNATURE-----
More information about the samba-technical