[Samba] Re: winbind configuration

Andreas Ladanyi knuffiandy at web.de
Sat Sep 13 18:23:41 GMT 2008


ok, now i understand your issue.

Please have a look at your first thread in this newsgroup, Michael Adam 
sent you a nice suggestion.

The reason is:

The SID->UID/GID mapping will be randomized by default. So you need a 
mechanism to hold the uid/gid mapping equal !

I think the first suggestion is nice for new uder/group setups, because 
i think the RID (from SID) on windows site is randomized by windows when 
the user/group is created in Active Directory and this RID is not 
changeable by hand ?!

The second suggestion is better for an existing user/group environment, 
because with SFU or the RFC2307 schemata extension you could add the 
uids/gids by yourself and built a setup with the existing ids from 
/etc/passwd and /etc/group or NIS.

I wish you the very best ;-)

Andreas Ladanyi

vishesh schrieb:
> Thanks for reply
>>    The SID of windows users and groups is same bacause both server are 
>> part of same Domain.
>> The list of users wbinfo -u and groups wbinfo -g is same but the uid 
>> and gid is diffrent. Both server is window 2003 standard.
>> The winbind configuration is as follows
>> workgroup = ABP
>> realm = ABP.DEL
>> netbios name = abptest
>> security = ADS
>> allow trusted domains = yes
>> idmap uid = 3000-30000
>> idmap gid = 3000-30000
>> template homedir = /home/%D/%U
>> template shell = /bin/bash
>> winbind cache time = 3600
>> winbind separator = +
>> winbind nested groups = yes
>> thanking you

More information about the samba mailing list