[Samba] Winbind & user ID's on multiple servers

Javier Conti javier.conti at gmail.com
Wed Mar 9 13:39:20 MST 2011

On 9 March 2011 20:13, Mike Auleta <michael_auleta at condenast.com> wrote:
> We're looking at setting up Linux Authentication to our AD servers using
> winbind and need to know if there is a way to keep all the user IDs in
> sync across the Linux servers.  The way I see it now, the user ID is
> assigned numerically depending on the order users log in to a server.
> Could make for issues if NFS mounted directories are involved.

Hi, I'm using AD 2008 R2 as PDC, and have been successful using the
following configuration in /etc/samba/smb.conf on the client:

        workgroup = MYDOMAIN
        realm = DNSDOMAIN
        security = ADS
        idmap backend = ad
        idmap config MYDOMAIN : backend = ad
        idmap config MYDOMAIN : range = 10000 - 20000
        idmap config MYDOMAIN : schema_mode = rfc2307
        winbind nss info = rfc2307

Since this configuration uses the Posix attributes found in the
rfc2307 schema, I have the uidNumber attribute of users and the
gidNumber attribute of groups populated with the IDs used in Unix (and
in the range between 10000 and 20000).

Hope this helps, Jaiver

> Thanks -
> Mike
> ------------------------------------------------------------------------------------------------
> This e-mail, including attachments, is intended for the person(s)
> or company named and may contain confidential and/or legally
> privileged information. Unauthorized disclosure, copying or use of
> this information may be unlawful and is prohibited. If you are not
> the intended recipient, please delete this message and notify the
> sender.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list