Samba4: idmap replication between 2 DC's
Gémes Géza
geza at kzsdabas.hu
Wed Jul 11 15:45:46 MDT 2012
2012-07-11 21:44 keltezéssel, steve írta:
> On 11/07/12 21:23, Gémes Géza wrote:
>> 2012-07-11 10:58 keltezéssel, steve írta:
>>> Hi
>>> Is it possible to get idmap.ldb replicated across 2 DC's as well as
>>> the directory partitions?
>>>
>>> I make changes to id mappings for our Linux users. This is not a
>>> problem with NFS, but becomes an issue when Linux users are working on
>>> cifs mounted shares. The uidNumber issued by DC2 is not the same as
>>> the uidNumber issued by DC1.
>>>
>>> Cheers,
>>> Steve
>> Hi Steve,
>>
>> If you put
>> idmap_ldb:use rfc2307 = yes
>> in your smb.conf then setting the uids gids in AD will guarantee that
>> they are the same across your samba4/s3fs servers, because then they
>> will get that from AD instead of their private idmap (with a fail-back
>> to idmap, if the entry has no uid/gid set).
>>
>> Regards
>>
>> Geza
> Hi Geza
> I don't think
> idmap_ldb:use rfc2307 = yes
> works in Samba4 with s3fs
>
> It doesn't appear as an option in
> testparm -v either
>
> It doesn't have any effect here even though we store all our rfc2307
> information in the directory.
>
> Quote from the other thread:
> 's3fs and the Samba4 DC use a different winbindd implementation to the
> one that Christof is patching. For that reason, these patches simply
> won't have any benefit for you on the Samba4 DC.
> Cheers
> Andrew Bartlett'
>
> Geza, does it work for you?
Yes, but my test domain was upgraded from samba3 in which case the
provision automatically puts idmap_ldb:use rfc2307 = yes in smb.conf
I don't know s3fs where does sid<->xid operations, but with wbinfo I've
checked and the information is retrieved from AD.
Regards
Geza
More information about the samba-technical
mailing list