[Samba] Samba 4 Consistent uid gid mapping across servers.
Alex Wakizashi
alex at wakizashi.info
Mon Oct 28 00:45:30 MDT 2013
This error:
> attribute 'uidNumber' on entry 'CN=janis.ozols,OU=2009,DC=xyz
,DC=abc,DC=lv' was not found in the schema!
means that you have no rfc2307 attributes defined in the schema.
That may happens if you provisioned your Samba4 DC without rfc2307
option, or migrated your DC from pre-W2K3R2 domain - which is exactly
your case (it's one of differences between W2K3 and W2K3R2 - which got
MS Tools for Unix and extended AD schema).
Not sure that should you do, it should be possible to change schemas,
but it's quite dangerous, especially if you migrated from Windows.
2013/10/20 GintsN <gintsn at gmail.com>:
> On 10/19/2013 10:58 AM, steve wrote:
>
>> Not a big deal. You can use wbinfo -i to pull the info fr uidNumber and
>> gidNumber and ldbmodify. But be warned: do this on a _single_ DC and
>> add:
>> idmap_ldb use:rfc2307 = Yes
>> to smb.conf to all your DC's afterwards.
>
>
> Should I add any additional attributes to smb.conf or user entries?
>
> I have migrated W2K3 AD -> Samba 4.0.7 -> Samba 4.1.0. Now I wish to add
> uidNumber to user object:
>
> I added string "idmap_ldb:use rfc2307 = yes" to smb.conf, restarted samba.
>
> Now:
>
> ldbedit -H /usr/local/samba/private/sam.ldb sAMAccountName=janis.ozols
> ... Added:
> uidNumber: 300999
>
>
> ... close and got:
>
> failed to modify CN=janis.ozols,OU=2009,DC=xyz,DC=abc,DC=lv -
> objectclass_attrs: attribute 'uidNumber' on entry
> 'CN=janis.ozols,OU=2009,DC=xyz,DC=abc,DC=lv' was not found in the schema!
>
>
> which entries exactly shoud I add, modify to user data?
>
>
> Current entries for edited user now are:
> ==
> # editing 1 records
> # record 1
> dn: CN=janis.ozols,OU=2009,DC=xyz,DC=abc,DC=lv
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> cn: janis.ozols
> sn: Janis
> description: Test account
> givenName: Ozols
> instanceType: 4
> whenCreated: 20130809130646.0Z
> whenChanged: 20130809130646.0Z
> displayName: Ozols Janis
> uSNCreated: 7575
> name: janis.ozols
> objectGUID: 05af67f7-c5e0-439c-9cae-cfe667cf19ea
> badPwdCount: 0
> codePage: 0
> countryCode: 0
> homeDirectory: \\someserver\janis.ozols
> homeDrive: G:
> badPasswordTime: 0
> lastLogoff: 0
> lastLogon: 0
> scriptPath: logon.bat
> primaryGroupID: 513
> profilePath: \\someserver\PROFILE\janis.ozols
> objectSid: S-1-5-21-2016371725-1493893514-1541874228-20143
> accountExpires: 9223372036854775807
> logonCount: 0
> sAMAccountName: janis.ozols
> sAMAccountType: 805306368
> userPrincipalName: janis.ozols at xyz.abc.lv
> objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=xyz,DC=abc,DC=lv
> pwdLastSet: 130205272060000000
> userAccountControl: 512
> uSNChanged: 7577
> distinguishedName: CN=janis.ozols,OU=2009,DC=xyz,DC=abc,DC=lv
> ===
>
> G.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list