Christian Lahti christian at matissenetworks.com
Fri Nov 18 23:29:17 GMT 2005

Ok, so this is probably a stupid question asked a million times, but I
am a bit stuck.  Up till now I have always deployed an OpenLDAP backend
and a Samba domain controller in order to share the same set of data
between Unix and Windows hosts.  So jsmith with a UID of 1001 could
read/write files either in Linux or Windows and the same "identity"
would be used.  Now I am working for a company that uses Active
Directory.  I consolidated Linux to use AD for Unix, so now in AD I have
jsmith and 1001 as the "NIS" UID.  Now comes the bad part: on a Linux
filesystem shared by Samba to Windows, when jsmith writes a file to the
Samba share, I expect the owner of the file to be 1001 BUT it is
something like 16777216 instead!  I suppose this has to do with the UID
mapping; I just want the UID/GID to keep with the same AD stuff.
Please, please, please tell me how I should set up Samba to use the
assigned UID to the AD name.  I thought by joining the AD domain Samba
would pick this up.  I am suspecting I have to use LDAP access to AD to
get the UID/GID info, but the attribute names are not standard POSIX
stuff.  I am sure there is an easy solution for this; the whole idea of
using AD for both Windows and Unix was to eliminate administration and
get closer to single sign-on.



   log file = /var/log/samba/%m.log
   load printers = yes
   idmap gid = 16777216-33554431
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   wins server =
   winbind use default domain = no
   template shell = /bin/bash
   dns proxy = no
   cups options = raw
   netbios name = tuvalu
   server string = Matisse Storage
   idmap uid = 16777216-33554431
   workgroup = MATISSE
   os level = 20
   printcap name = /etc/printcap
   security = ads
   max log size = 50
   password server = MATISSE01
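
Added example, not part of the original post and not Samba's own code: a small Python check showing that the owner UID reported in the message, 16777216, is the first ID of the configured "idmap uid" range, meaning it came from winbind's locally allocated pool and not from the 1001 stored in AD. The function names are hypothetical, and the config text is a constructed excerpt of the parameters posted above.

```python
import re

# Constructed sample: the idmap-related parameters from the post's smb.conf,
# plus two comment lines to exercise the parser.
SMB_CONF = """\
# constructed excerpt
   security = ads
   workgroup = MATISSE
   idmap uid = 16777216-33554431
   idmap gid = 16777216-33554431
; winbind use default domain = no
"""

def normalize(name):
    # Samba compares parameter names case-insensitively and ignores spaces.
    return re.sub(r"\s+", "", name).lower()

def parse_params(text):
    """Return {normalized parameter name: value}, skipping comments/sections."""
    params = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;[" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        params[normalize(key)] = value.strip()
    return params

def idmap_range(params, kind):
    # kind is "uid" or "gid"; returns (low, high), or None if unset/malformed.
    m = re.fullmatch(r"(\d+)\s*-\s*(\d+)", params.get("idmap" + kind, ""))
    if not m:
        return None
    low, high = int(m.group(1)), int(m.group(2))
    return (low, high) if low <= high else None

def classify(owner_id, id_range):
    """Say whether a file owner id falls inside winbind's local pool."""
    if id_range is None:
        return "no idmap range configured"
    low, high = id_range
    if low <= owner_id <= high:
        return "winbind-allocated (pool offset %d)" % (owner_id - low)
    return "outside winbind pool"

if __name__ == "__main__":
    uid_range = idmap_range(parse_params(SMB_CONF), "uid")
    for uid in (16777216, 1001):  # the two UIDs mentioned in the post
        print(uid, "->", classify(uid, uid_range))
```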




