[Samba] Consistent UID/GID mappings?

Alexandre Beauclair beauclaira at lexum.com
Tue Apr 8 12:03:28 MDT 2014


I can go in ADUC, or on the command line (both works) to add a user to the group. 
Let's say I have a group called testgroup. I can add a user to it using samba-tool, or use ADUC and add testuser to the group under the Members tab of the group object. However, still in ADUC, if I go to the UNIX Attribute tab of the testgroup object and add a member there, it doesn't work. At least there's a way that works for me to add a member to a group, but I'm wondering why it's not being picked up.

Also, the problem I mentioned earlier was regarding the PrimaryGID of the user, which is apparently not read. I can set it to testgroup under UNIX Attributes of the ADUC, but when I "getent passwd" on my member machine, the GID is still at 513 (Domain Users).

I noticed that on my member machine, when I "getent passwd" it actually shows the values I set in the UNIX Attributes tab for UID, Login Shell and Home Directory, but not PrimaryGID.
On my Samba4 server machine, it only gets the UID, and nothing else. Login Shell remains at /bin/false except if I set a template shell in smb.conf, and the Home Directory value is /home/DOM/testuser. If I set a template homedir in smb.conf, it will take that value, but doesn't register the %U value to replace the username.

So all in all, as far as UID goes, I'm good to go. My problem is now with PrimaryGID not being picked up on either machines, and Login Shell/Home Directory not registering with the Samba4 Server when I query with getent.

Sorry if it seems a bit confusing, I'm trying to make sense of it all. As usual I appreciate all your support!

Alexandre Beauclair

----- Original Message -----
From: "Marc Muehlfeld" <samba at marc-muehlfeld.de>
To: "steve" <steve at steve-ss.com>, samba at lists.samba.org
Sent: Tuesday, April 8, 2014 12:53:32 PM
Subject: Re: [Samba] Consistent UID/GID mappings?

Am 08.04.2014 18:09, schrieb steve:
> You do not need to provision with:
> --use-rfc2307
> to use rfc2307 with a Samba4 DC.

No. But not everyone wants to administrate the server on cmd line. And 
to have the Unix Tab in ADUC, it's neccessary.


Regards,
Marc
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba


More information about the samba mailing list