[Samba] Samba 4 Consistent uid gid mapping across servers.
Wayne L. Andersen
waynea at clima-tech.com
Thu Oct 24 14:08:50 MDT 2013
Please make good backups vefore doing any of this, and make sure you
double check your edits. This can trash your schema if you are careless.
I was able to get this working by editing the
/usr/local/src/samba-4.1.0/source4/setup/ypServ30.ldif file to match my
domain.
I had to change the macros in the file to matc my domain:
${DOMAINDN} = DC=CORP,DC=SAMDOM,DC=COM
${NISDOMAIN} = CN=CORP
${NETBIOSNAME] = CORP
Be careful to make sure to get these correct.
Then using this command to apply the changes.
/usr/local/samba/bin/ldbmodify -H
/usr/local/samba/private/sam.ldb.d/DC%3DCORP,DC%3DCLIMA-TECH,DC%3DCOM.ldb -U
administrator /usr/local/src/samba-4.1.0/source4/setup/ypServ30.ldif
I then created an ldif for each user, this is actually automated via a
puppet script.
cat /tmp/someuser.ldif
dn: CN=Some User,DC=corp,DC=samdom,DC=com
add: objectClass
objectClass: posixAccount
-
add: gidNumber
gidNumber: 100
-
add: uidNumber
uidNumber: 10099
Merged that data like this:
ldapmodify -I -h 10.10.1.199 -f /tmp/someuser.ldif
Test to see if the data was entered properly with this.
bin/ldbsearch -H private/sam.ldb '(objectclass=posixaccount)'
I can then access this easily via ldap either directly for dovecot or
other apps and through nss-ldap.
I am going to write up a detailed post and put it on-line this weekend.
Wayne Andersen
More information about the samba
mailing list