[Samba] Adding idmap backend = idmap_rid... and possible consequences

bakytn bakytn at gmail.com
Tue Apr 10 12:51:57 MDT 2012

I have Linux machine with Samba 3.5.11 working great.

I was using passdb backend = tdbsam 

So when I tried to setup a second Linux machine I failed..since UID/GID's
were different
when I copied fiels from server 1 to server 2.

Would you recommend me to use IDMAP_RID with Winbind? 

BTW, I don't have domain trusts (which is required to be "off" when using

It's a small domain with about 300 users at the very maximum. 

So if I just add 

idmap backend = idmap_rid:DOMAIN=2000-100000000 

What would change? Would it mess my current UID/GID's??? 

Here is my smb.conf (global section)
   workgroup = DOMAIN 
   realm = DOMAIN.LOCAL 
   preferred master = no 

   server string = SAMBA 
   security = ADS 
   encrypt passwords = yes 
   log level = 1 
   log file = /var/log/samba/log.%m 
   max log size = 1000 

   idmap uid = 3000-20000 
   idmap gid = 3000-20000 
   template shell = /bin/bash 

   winbind enum groups = yes 
   winbind enum users = yes 
   winbind separator = + 
   winbind use default domain = Yes 
   winbind nested groups = Yes 

   template homedir = "/data/files/%U" 

   syslog = 0 

   panic action = /usr/share/samba/panic-action %d 
   passdb backend = tdbsam 

   obey pam restrictions = yes 

   unix password sync = yes 

   passwd program = /usr/bin/passwd %u 
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:*
%n\n *password\supdated\ssuccessfully* . 

   pam password change = yes 

   map to guest = bad user 

   usershare allow guests = yes 

View this message in context: http://samba.2283325.n4.nabble.com/Adding-idmap-backend-idmap-rid-and-possible-consequences-tp4546579p4546579.html
Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list