restoring winbindd_idmap.tdb file

[Rowland Penny]

On Tue, 29 Apr 2025 22:17:38 -0400
Chris Chupela via samba-technical <samba-technical at lists.samba.org>
wrote:

This isn't really the place for this, in my opinion you should have
posted to the samba mailing list, but you are here now.

> I recently had to remove and re-add a RH 6.10 server 

You have re-added a dead distro (presumably with an equally dead
version of Samba) ?
 
> (ad domain
> joined with winbind), due to a failed server replacement. Problem I
> ran into is that domain accounts that had permissions on the file
> system (home directories) were assigned new UID/GID's when I rejoined
> the domain, thus blocking access to files/dirs they previously had
> access to.

This shouldn't have happened, provided that the smb.conf file was setup
correctly, the only users & groups that could have got different IDs
would be ones from the BUILTIN domain.

> 
> (did not make any changes to the smb.conf file during all of this).
> 
> I did copy /var/lib/samba/*.tdb to a backup directory, and cleared the
> cache prior to re-adding the server back to the domain.  If I was to
> do the following:
> 
> 1. stop winbind and smb
> 2.  dump the contents of the old winbindd_idmap.tdb file to a text
> file 3.  make another backup of /var/lib/samba
> 4. delete the existing winbindd_idmap.tdb file from /var/lib/samba
> 5.  start winbind and smb back up
> 6. restore the dump file created in step 2 with net idmap restore
> (feeding it the dump file)

Why did you do that, there is no need and it probably has something to
do with your problem, winbind would have created it again.

> 
> Could I expect that this will restore access to the homedirs/files
> with the correct UID/GID's from the copy of winbindd_idmap.tdb that I
> made? Thx.

I have no idea, I haven't seen your smb.conf , so have no idea just how
you are running Samba. I suggest you post your smb.conf (preferably to
the samba mailing list) and lets take it from there.