[Samba] Manual UID & GID mapping with Active Directory

[Geoffrey Scott]

Yanick Quirion wrote:
> Hi Geoffrey,
> 
> Is it possible for you to be more specific about this configuration?
> Have you already done it in the past? I'm not very good with ldap and
> more hints how to setup this will be helpful. 

If you look in Chapter 7 of the samba by example book (available in dead
tree format which means John gets paid for his efforts, or online in PDF in
the docs section of the samba.org site)  You'll see a few more specifics of
how to set up both scenarios.  

I personally chose to use idmap_rid for simplicities sake, but that was with
Debian.   as I understand it, Redhat doesn't build idmap_rid.so by default,
so you may want to update your locate db and use locate to search for
idmap_rid.  I haven't checked yet to see if the sernet rpms have it built so
that may be something for you to investigate.  If you follow the recipe in
chapter 7 for idmap_rid keep in mind that John is a little vague on the need
for setting up the krb.conf file.  You may need to follow part of chapter 12
where he shows how to configure that file and use kinit etc (although you
must have had success in this already). HTH

Regards Geoff

> Regards,
> Yanick

>> However, all systems don't seem having the same database to UID & GID
>> mapping. There is a way to make all my Linux system having the same
>> mapping? 
>> 
> Look up idmap_rid or research storing winbind stuff in ldap and then
> a using master and slave ldap servers to push the consistent uid and
> gid from one server to all others  
> 
> GS