RFC2307 on a Samba DC - HowTo

Rowland Penny repenny241155 at gmail.com
Sun May 18 13:43:50 MDT 2014

On 18/05/14 19:38, Giuseppe Ragusa wrote:
>> Hello,
>> I've finished a new HowTo this week (please proofread):
>> https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC
>> Regards,
>> Marc
> Hi,
> Looks good to me, but I wonder if the long standing quirk of ignoring
> the "primary Group ID" RFC2307 attribute and honouring Windows-side
> group settings for primary group too is still in effect and
> must be someway described in the wiki page (it affected Winbind for
> sure, never tested SSSD).

Now I could be acting stupid here by asking this, but what "primary 
group ID" RFC2307 attribute are you referring to?

The 'primaryGroupID'  attribute is a windows attribute and has nothing 
to do with Unix, you need to use the 'gidNumber' attribute.


> I think (and reported about two years ago on this list) that up to
> Samba 3.5.0 the behavior was different (primary group taken from
> POSIX attributes in RFC2307 fields), but changed afterwards and could
> be the culprit behind:
> https://bugzilla.samba.org/show_bug.cgi?id=8694
> https://bugzilla.samba.org/show_bug.cgi?id=7582
> https://bugzilla.samba.org/show_bug.cgi?id=8905
> I even started an (aborted, unfortunately) effort at adding back the
> former behavior through a configuration option (totally rewritten id mapping
> plugin structure made the relevant information "unavailable where needed"
> and would so require a substantial development work beyond my possibilities atm).
> Regards,
> Giuseppe

More information about the samba-technical mailing list