[Samba] The problem with setting up AD domain to Samba 4

Vladimir A Fomkin vaf at vaf.net.ru
Wed Jun 19 02:59:03 MDT 2013


Hi!
I'm tried to change idmap backend from tdb to rid and setting up idmap
range, but samba uses old type of UIDs.
What am I doing wrong?


[global]
    workgroup = TEST
    realm = test.local
    netbios name = BDC-SAMBA
    server role = active directory domain controller
    dns forwarder = 192.168.1.102
    idmap config TEST:backend = rid
    idmap config TEST:range = 4000000 - 5000000
    idmap config TEST:schema_mode = rfc2307
    idmap config *:backend = rid





root at bdc-samba:~# /usr/local/samba/bin/testparm -sv
/usr/local/samba/etc/smb.conf | grep backend
Load smb config files from /usr/local/samba/etc/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[netlogon]"
Processing section "[sysvol]"
Processing section "[profiles]"
Loaded services file OK.
Server role: ROLE_ACTIVE_DIRECTORY_DC
    passdb backend = samba_dsdb
    idmap backend = tdb
    share backend =
    idmap config TEST:backend = rid
    idmap config * : backend = rid
root at bdc-samba:~#



2013/6/17 Vladimir A Fomkin <vaf at vaf.net.ru>

> Hi!
>
> root at debian-samba4:/usr/local/samba/private#
> /usr/local/samba/bin/ldbsearch --url=/usr/local/samba/private/sam.ldb |
> grep tester4
> sAMAccountName: tester4
> userPrincipalName: tester4 at test.local
> root at debian-samba4:/usr/local/samba/private#
>
>
> And I found there UID is saved - /usr/local/samba/bin/ldbedit
> --url=/usr/local/samba/private/idmap.ldb
> On PDC shows (cutted):
> # record 7
> dn: CN=S-1-5-21-3451120384-2816699473-3647757164-1110
> cn: S-1-5-21-3451120384-2816699473-3647757164-1110
> objectClass: sidMap
> objectSid: S-1-5-21-3451120384-2816699473-3647757164-1110
> type: ID_TYPE_BOTH
> xidNumber: 3000023
> distinguishedName: CN=S-1-5-21-3451120384-2816699473-3647757164-1110
>
> On BDC shows (cutted):
> # record 5
> dn: CN=S-1-5-21-3451120384-2816699473-3647757164-1110
> cn: S-1-5-21-3451120384-2816699473-3647757164-1110
> objectClass: sidMap
> objectSid: S-1-5-21-3451120384-2816699473-3647757164-1110
> type: ID_TYPE_BOTH
> xidNumber: 3000020
> distinguishedName: CN=S-1-5-21-3451120384-2816699473-3647757164-1110
>
>
>
> SID is the same, but the UID is different!
>
>
>
> 2013/6/17 steve <steve at steve-ss.com>
>
>> On Mon, 2013-06-17 at 14:50 +0400, Vladimir A Fomkin wrote:
>> > HI!
>> > root at bdc-samba:~# /usr/local/samba/bin/samba-tool user add tester4
>> > New Password:
>> > Retype Password:
>> > ERROR(ldb): Failed to add user 'tester4':  - samldb: Account name
>> > (sAMAccountName) 'tester4' already in use!
>> > root at bdc-samba:~#
>>
>>
>> Hi
>> ldbsearch --url=/usr/local/samba/private/sam.ldb | grep tester4
>>
>>
>>
>>
>
>
> --
> С уважением,
> Фомкин Владимир Андреевич
> ICQ:220967838
> Skype:vladimir.fomkin
> http://vaf.net.ru
>



-- 
С уважением,
Фомкин Владимир Андреевич
ICQ:220967838
Skype:vladimir.fomkin
http://vaf.net.ru


More information about the samba mailing list