Edit existing SID<->UID / SID <->GID entries
Kenny Dinh
kdinh at peaxy.net
Fri Apr 1 00:01:25 UTC 2016
Apparently, I can use "net idmap restore input.txt", where input.txt
contains,
GID 1000027 S-1-5-21-793149494-1688123433-2112087125-1121
to set the GID mapping for a particular SID. I can do the same to map SID
to UID, by specifying UID as a prefix instead of UID.
It seems "net idmap restore" is the method to edit and existing map of
SID<->UID / SID <-> GID.
I'm not sure why the man page as well as --help for "wbinfo
--set-uid-mapping, --set-gid-mapping" and "net idmap setmap" were not
removed.
Was it an omission by mistake?
On Thu, Mar 31, 2016 at 12:41 PM, Kenny Dinh <kdinh at peaxy.net> wrote:
> Hello,
>
> My setup uses a custom script to specify the rule for mapping SID to
> UID/GID.
> I noticed in Samba (possibly 3.6.x), 4.1.x, 4.2.x, and 4.3.x, the ability
> to modify UID/GID of an existing mapping has been removed.
>
> - The options "--set-uid-mapping" and "--set-gid-mapping" in wbinfo has
> been remove and it now returns NOT_IMPLEMENTED.
>
> - "net idmap setmap" has not yet been implemented.
>
> For Samba running as a member server, it seems there is no way to change
> the UID/GID of an existing entry. I saw Michael Adam's change that removed
> those abilities but I could not find the reasoning behind that.
>
> The only way I can see to work around this issue is to delete the existing
> entry (for example SID-1-2-3) and update the custom idmapping script to
> account for that particular SID.
>
> Could some shed some light on why we no longer support ability to edit an
> existing mapping?
>
> Thank you!
>
More information about the samba-technical
mailing list