[Samba] Samba 4 Consistent uid gid mapping across servers.

Rowland Penny rowlandpenny at googlemail.com
Fri Oct 25 10:19:22 MDT 2013


On 25/10/13 17:05, steve wrote:
> On Fri, 2013-10-25 at 16:23 +0100, Rowland Penny wrote:
>> On 25/10/13 16:07, steve wrote:
>>> On Fri, 2013-10-25 at 17:22 +0300, Gints Neimanis wrote:
>>>
>>>> Already started explore how to use  ypServ30.ldif.
>>>>
>>>> The results from first attempt are:
>>>> - added modified ypServ30.ldif  to  ../private/sam.ldb.d/DC.....ldb
>>>> (without errors)
>>> It is a cardinal sin to alter the partition. I think you'll now have a
>>> corrupted AD. Can you go back to the backup and add the ldif
>>> against ../private/sam.ldb instead?
>>>
>>> On DC2, I think the best way is to demote it. Then update the schema on
>>> a freshly reinstated DC1. Now add a rfc2307 user. Then rejoin DC2
>>> whereupon it should now replicate your uidNumber.
>>>
>>> HTH
>>> Steve
>>>
>>>
>> Hi, totally agree, plus I thought that you didn't actually have the
>> required objectclasses & attributes in the your schema, just adding
>> ypServ30.ldif will not add them.
>>
>> Rowland
> Hi
> Oh dear. I had assumed that ypServ.ldif was the schema extension that
> gave rfc2307 back in the 2003-2003R2 days. This puts yet another slant
> on it. Phew!
> Cheers,
> Steve
>
>
Hi Steve, No, adding ypServ30.ldif is a bit like adding the 
automount.ldif, you need the right objectClasses & attributes in the 
schema first. If you are interested, you will find ypServ30.ldif in 
/usr/local/samba/share/setup/, but from my investigations, it does not 
seem to be the full ldif that windows added.
It would seem that to get the UNIX attributes tab to show in ADUC, you 
need to be running Windows server 2003R2 (aka Samba4) and have 
ypServ30.ldif installed (aka SFU 3.5 or whatever they are calling it 
this week)

Rowland



More information about the samba mailing list