[Samba] UID/GID mapping consistency across at least two Linux machines

Ludek Finstrle ludek.finstrle at pzkagis.cz
Wed Apr 11 03:30:29 MDT 2012


Wed, Apr 11, 2012 at 11:02:09AM +0200, steve napsal(a):
> On 11/04/12 09:09, Daniel Müller wrote:
> >I also only use ldap the same way without any winbind.
> Thanks. I was beginning to wonder if we were the only ones. It seems
> such an easy alternative to using winbind. The uid/gid is _exactly_

I don't use winbind and also I don't use posixAccount on Samba4 Frenky.

> wysiwyg. Always. I think this is the sort of consistency the op was
> looking for. The sid-rid idmap winbind stuff seems horrendously
> complicated.

It's just easy from my point of view. But I don't want to have running
winbind and I don't see very nice way to manage posixAccount too. The man
who creates user accounts isn't very keen in IT ...

So I use nslcd to map uid/gid with last part of SID + some constant and
I created very small patch to the samba ads backend with the same behaviour.
I don't need DOMAIN trusts so it's enough for my small environment.


More information about the samba mailing list