Samba4: idmap replication between 2 DC's

Andrew Bartlett abartlet at samba.org
Thu Jul 12 05:02:58 MDT 2012


On Thu, 2012-07-12 at 12:58 +0200, steve wrote:
> On 12/07/12 12:21, Andrew Bartlett wrote:
> > On Thu, 2012-07-12 at 12:03 +0200, steve wrote:
> >
> >> The id numbers are NOT being take from AD, they are being taken from idmap.
> >
> > Do you have:
> > idmap_ldb:use rfc2307 = yes
> > set on both DCs?
> >
> > Thanks,
> >
> Yes, on both DC's.
> 
> If I create a user say, s10 on DC1:
> 
> getent passwd s10
> s10:*:4000000:20513:s10:/home2/MARINA/s10:/bin/bash
> and
> wbinfo -i s10
> MARINA\s10:*:4000000:20513::/home/MARINA/s10:/bin/false
> 
> It replicates to DC2:
> getent passwd s10
> s10:*:4000000:20513:s10:/home2/MARINA/s10:/bin/bash
> but
> wbinfo -i s10
> MARINA\s10:*:3000020:20513::/home/MARINA/s10:/bin/false
> 
> wbinfo has not taken the info from the directory but instead created a 
> new entry in it's own idmap.ldb with the wrong id.
> 
> I remember you said in an earlier thread that
> idmap_ldb:use rfc2307 = yes
> did not apply to s3fs with AD

I never said that.  You misread a consideration about about a proposal
from a developer for changes to the 's3' winbindd that isn't yet in the
tree. 

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org



More information about the samba-technical mailing list