[Samba] Non-algorithmic RIDs

Tony Earnshaw tonye at billy.demon.nl
Fri May 20 14:08:20 GMT 2005

fre, 20.05.2005 kl. 15.42 skrev Misty Stanley-Jones:

> When I set up my initial users for the Samba domain i did not realize that 
> RIDs were supposed to be dynamic.  I was creating the user as a posixAccount 
> in LDAP, and then adding the Samba elements via a script  that I wrote.  
> Their RIDs are the same as their UID.  For instance if I have a user with 
> uidNumber 1036, her SID would be <domain-SID>-1036.  This is fine except for 
> idmapping for member servers, for ACLs.  I have about 30 users with this 
> problem.  Is there a non-disruptive way for me to convert their RIDs to be 
> algorithmic based on their UIDs, without destroying their roaming profiles 
> etc?  If not I think we will just have to deal with not being able to use 
> ACLs on member servers, but I thought I would query first.  To reiterate, we 
> are using a LDAP backend.

I use 3.0.11/3.0.14a (2 sites) on RHAS3 and LDAP. When I use smbpasswd
-a to add a POSIX group user to Samba, both user and group RIDs are
calculated from uidNumber and gidNumber on the basis of a simple
algorithm. This is something that smbpasswd just does; moreover it's
documented. Why should mine be different from yours?


Nothing sucksseeds like a pigeon without a beak ...

mail: tonye at billy.demon.nl
They'll love us, won't they? They feed us, don't they? ...

More information about the samba mailing list