[Samba] Winbindd GID/UID Static Mapping

Errol U. Neal errol.neal at enhtech.com
Wed Jun 4 02:38:04 GMT 2003 

Hi folks,

I am having a significant issue that I cannot seem to resolve on my own. I 
am using samba 3.0 alpha 23 with ads support and winbindd.
My linux samba servers is a part of my windows 2000 Active Directory domain.

Here is my smb.conf file...

# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2002/09/20 13:46:38

# Global parameters
[global]
         workgroup = JCNTV
         realm = JCNTV.PRIVATE
         ADS server = 192.168.0.2
         netbios name = ISAIAH
         interfaces = ##########
         bind interfaces only = Yes
         security = ADS
         #wins server = 192.168.0.2
         encrypt passwords = yes
         #host msdfs = yes
         #msdfs root = no
         winbind gid = 60000-65000
         winbind uid = 60000-65000
         winbind separator = +
         template homedir = /home/%U
         template shell = /bin/bash
         acl compatibility = Win2k
         winbind use default domain = yes

[Inetpub]
         path = /usr/htdocs
         follow symlinks = no
         browsable = yes
         force create mode = 0664
         force directory mode = 0775
         writeable = yes
         write list = @JCNTV+Developers "@JCNTV+Domain Admins"
         nt acl support = yes

[cdimages]
         path = /usr/local/cdroms/export
         public = yes
         writeable = no
         nt acl support = yes

[home]
         path = /usr/home
         follow symlinks = no
         force create mode = 0660
         force directory mode = 0770
         browsable = yes
         nt acl support = yes
         writeable = yes
         public = yes

[public]
         path = /usr/public
         follow symlinks = yes
         force create mode = 0664
         force directory mode = 0775
         browsable = yes
         writeable = yes


The problem that I experience is from time to time, the GID/UID numbers 
just change! To give you an example, one of my windows groups, JCNTV+Domain 
Developers that was originally assigned the GID 60006 was reassigned the 
GID 60010. Now this is hell on my system because files and directories that 
were owned by that group under that GID are now inaccessible to them 
because the winbindd daemon is resolving the gid of the group to something 
different than the original id in the file or directories inode. So, I need 
a solution. Is there a smb.conf directive or something I can do to fix or 
turn off this behavior? Is this a known issue? Any help would be appreciated.

TIA,

Errol Neal

More information about the samba mailing list