[Samba] Non-algorithmic RIDs
jojowil at hvcc.edu
Fri May 20 17:05:07 GMT 2005
On Fri, 20 May 2005, William Jojo wrote:
> On Fri, 20 May 2005, Misty Stanley-Jones wrote:
> > When I set up my initial users for the Samba domain i did not realize that
> > RIDs were supposed to be dynamic. I was creating the user as a posixAccount
> > in LDAP, and then adding the Samba elements via a script that I wrote.
> > Their RIDs are the same as their UID. For instance if I have a user with
> > uidNumber 1036, her SID would be <domain-SID>-1036. This is fine except for
> > idmapping for member servers, for ACLs. I have about 30 users with this
> > problem. Is there a non-disruptive way for me to convert their RIDs to be
> Yes. The default argorithmic way is uidNumber+1000 for RID of user and
> gidNumber+1001 for RID of group entries (sambaGroupMapping).
Duh! I meant 2*uidNumber+1000, 2*gidNumber+1001! Sorry....it's friday.
Should try sleeping today... :-)
> I do the same as you and wrote some in house stuff to fill in some blanks.
> > algorithmic based on their UIDs, without destroying their roaming profiles
> > etc? If not I think we will just have to deal with not being able to use
> > ACLs on member servers, but I thought I would query first. To reiterate, we
> > are using a LDAP backend.
> You will however need to run the "/sambapath/bin/profiles" program against
> the user's ntuser.dat to reflect the new SID-RID value.
> Shouldn't take long.
> > Misty
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/listinfo/samba
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba