Samba4: idmap replication between 2 DC's

steve steve at
Thu Jul 12 10:47:49 MDT 2012

On 12/07/12 15:11, Andrew Bartlett wrote:
> On Thu, 2012-07-12 at 14:43 +0200, steve wrote:
>> On 12/07/12 11:25, Andrew Bartlett wrote:
>>> On Wed, 2012-07-11 at 21:23 +0200, Gémes Géza wrote:
>>>> On 2012-07-11 10:58, steve wrote:

> Steve,
> Then I think your task is clear.  Please add whatever debugging you feel
> is required to the relevant idmap code and work out why the mappings are
> not returned.
> Thanks,

Hi Andrew, hi everyone

I am getting closer. To begin with,
samba-tool user add <user>
always creates an entry in idmap.ldb.

If we want
idmap_ldb:use rfc2307 = yes
to work, we must delete the entry in idmap.ldb immediately after the 
user is created.

That solves the problem for uidNumber on both DC1 and DC2. We can easily 
change our useradd scripts to do that after we have added the necessary 
rfc2307 attributes and classes.

For groups however removing the idmap.ldb entry does not work. Upon a 
wbinfo --group-info=<group> a new entry is created in idmap.ldb.

Is this correct? Once again, this causes problems as the idmap entries 
on the replicating DCs are not the same.

Can we get the gidNumber to be read from the directory too?
