[Samba] gidNumber's and ldap backed samba PDC

Derek Werthmuller dwerthmu at ctg.albany.edu
Tue Mar 24 17:10:48 GMT 2009

In the planning process for migrating from NT4 PDC, and external ldap
directory to samba 3.2.8 PDC. The external existing openldap directory is
used currently to support the local uid mapping for the Linux logins and
samba file servers that are members of the current NT4 PDC.

While looking at the existing openldap UIDs and GIDs in use and what the
samba PDC wants to use I see some uid/gid collisions.  For example I see
that the Domain Admins uses gid 512, just so happens to be the same as a
file system group(in the ldap directory).

Is it better to change the users group gid and leave the samba domain admins
and such the way they are? 

I suspect a small shell script can crawl the file system and replace one gid
for another if I were to change the users GID.


More information about the samba mailing list