[Samba] Samba 4 Consistent uid gid mapping across servers.

steve steve at steve-ss.com
Fri Oct 25 10:28:04 MDT 2013 

On Fri, 2013-10-25 at 17:19 +0100, Rowland Penny wrote:
> On 25/10/13 17:05, steve wrote:
> > On Fri, 2013-10-25 at 16:23 +0100, Rowland Penny wrote:
> >> On 25/10/13 16:07, steve wrote:
> >>> On Fri, 2013-10-25 at 17:22 +0300, Gints Neimanis wrote:
> >>>
> >>>> Already started explore how to use  ypServ30.ldif.
> >>>>
> >>>> The results from first attempt are:
> >>>> - added modified ypServ30.ldif  to  ../private/sam.ldb.d/DC.....ldb
> >>>> (without errors)
> >>> It is a cardinal sin to alter the partition. I think you'll now have a
> >>> corrupted AD. Can you go back to the backup and add the ldif
> >>> against ../private/sam.ldb instead?
> >>>
> >>> On DC2, I think the best way is to demote it. Then update the schema on
> >>> a freshly reinstated DC1. Now add a rfc2307 user. Then rejoin DC2
> >>> whereupon it should now replicate your uidNumber.
> >>>
> >>> HTH
> >>> Steve
> >>>
> >>>
> >> Hi, totally agree, plus I thought that you didn't actually have the
> >> required objectclasses & attributes in the your schema, just adding
> >> ypServ30.ldif will not add them.
> >>
> >> Rowland
> > Hi
> > Oh dear. I had assumed that ypServ.ldif was the schema extension that
> > gave rfc2307 back in the 2003-2003R2 days. This puts yet another slant
> > on it. Phew!
> > Cheers,
> > Steve
> >
> >
> Hi Steve, No, adding ypServ30.ldif is a bit like adding the 
> automount.ldif, you need the right objectClasses & attributes in the 
> schema first. If you are interested, you will find ypServ30.ldif in 
> /usr/local/samba/share/setup/, but from my investigations, it does not 
> seem to be the full ldif that windows added.
> It would seem that to get the UNIX attributes tab to show in ADUC, you 
> need to be running Windows server 2003R2 (aka Samba4) and have 
> ypServ30.ldif installed (aka SFU 3.5 or whatever they are calling it 
> this week)
> 
> Rowland
> 
Hi Rowland
Thanks. Got it now. 
OK, so I think that the OP needs the schema extension ldif that adds the
posixAccount objectClass and related attributes. Do we have that? I
don't think anyone has been here before.
Cheers,
Steve

More information about the samba mailing list