[Samba] Non-algorithmic RIDs
jojowil at hvcc.edu
Fri May 20 16:57:09 GMT 2005
On Fri, 20 May 2005, Misty Stanley-Jones wrote:
> When I set up my initial users for the Samba domain i did not realize that
> RIDs were supposed to be dynamic. I was creating the user as a posixAccount
> in LDAP, and then adding the Samba elements via a script that I wrote.
> Their RIDs are the same as their UID. For instance if I have a user with
> uidNumber 1036, her SID would be <domain-SID>-1036. This is fine except for
> idmapping for member servers, for ACLs. I have about 30 users with this
> problem. Is there a non-disruptive way for me to convert their RIDs to be
Yes. The default argorithmic way is uidNumber+1000 for RID of user and
gidNumber+1001 for RID of group entries (sambaGroupMapping).
I do the same as you and wrote some in house stuff to fill in some blanks.
> algorithmic based on their UIDs, without destroying their roaming profiles
> etc? If not I think we will just have to deal with not being able to use
> ACLs on member servers, but I thought I would query first. To reiterate, we
> are using a LDAP backend.
You will however need to run the "/sambapath/bin/profiles" program against
the user's ntuser.dat to reflect the new SID-RID value.
Shouldn't take long.
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba