[Samba] samba4: samba-tool and (unix) uids
geza at kzsdabas.hu
Mon Sep 24 23:13:29 MDT 2012
2012-09-24 22:52 keltezéssel, Thomas Karmann írta:
> at my universities CS computer pools we're trying to migrate our
> samba3 based NT domain to AD with samba4-rc1.
> In the past we had a little script which our users could run on their
> own from their linux account which created a samba user with
> their own uid/gid and set their password (via smbpasswd).
> We're trying to recreate this behaviour with "samba-tool user create" but we couldn't
> find a parameter to set the mapping SID <-> uid.
> Without the correct mapping we can't get the users profile/home permissions right.
> Will we have to manually correct the private/idmap.ldb each time we
> add a user or are we missing something? Is it save to edit the idmap on
> the fly?
> With kind regards,
If you migrate via samba-tool classicupgrade it takes care of migrating
existing uids gids shells and homedirectories to samba4. At the same
time it sets idmap_ldb:use rfc2307 = yes in the global section of Samba4
smb.conf. That means, that Samba4 winbind retrieves uids, gids from the
Because of that you don't need to fiddle with idmap.ldb. So until
samba-tool gets support for manipulating posix attributes I would
recommend setting up those attributes by ldmodify against the directory
(or if you prefer a gui via ADUC (if you install RSAT on Windows Vista/7))
More information about the samba