samba3upgrade clarification on groups
steve
steve at steve-ss.com
Sat May 26 01:34:20 MDT 2012
On 26/05/12 07:43, Andrew Bartlett wrote:
> On Fri, 2012-05-25 at 14:39 -0400, Charles Tryon wrote:
>>
>> However, when I'm done, none of my groups have been imported.
>>
>> What am I missing here? Could this be a problem with not having idmap
>> database from the original (3.0) server?
>
> Yes, that may well be the issue. We can only import groups that are
> mapped in the group_mapping.tdb (as we need something to enumerate to
> discover them).
>
> Andrew Bartlett
Hi
Hope I'm not hijacking the thread.
Would it be possible to have consistent idmappings between Linux
machines in the same domain? We only have a few xp and win 7 clients on
the lan and are using Samba4 AD to store stuff in LDAP.
e.g.
If, on the DC steve2 has a uidNumber:gidNumber pairing of 3000028:20153,
With winbind, it seems to be that steve2's idmap under Linux changes
from computer to computer. The only way we are able to give him his own
consistent set of rfc2307 mappings is to store them in the directory and
pull them back out using e.g. libnss-ldapd. This is amazingly fast when
compared to winbind anyway.
The m$ schema which you guys fought so hard to get for us (thank you),
grants us permission to do this. Why don't we just populate the
attributes that are already in place and sitting there empty under
winbind, instead of using an external idmap?
Cheers,
Steve
More information about the samba-technical
mailing list