Proposal/Idea: Remove support for using rfc2307 attributes for s4 id-mapping?

steve steve at
Mon Oct 15 09:10:39 MDT 2012

On 15/10/12 16:51, Michael Adam wrote:

> - Addressing one frequent request:
>    There is no good reason I know for requiring a user/group to
>    have the same unix-ID on all DCs for a given domain.

It is of vital importance for those of us who have Linux clients in the 
domain and serve them using NFS, that uidNumber and gidNumber remain the 
same no matter which DC is queried. When a user or group is created, we 
add the necessary rfc2307 classes and attributes to AD. We bypass 
idmap.ldb altogether. idmap_use:rfc2307 = Yes allows us to do this.

Please do not remove this excellent facility.
-1 to the proposal.

More information about the samba-technical mailing list