[Samba] Consistent UID/GID mappings?

Rowland Penny rowlandpenny at googlemail.com
Tue Apr 8 13:48:53 MDT 2014


On 08/04/14 20:12, Jeremy Allison wrote:
> On Tue, Apr 08, 2014 at 08:07:20PM +0100, Rowland Penny wrote:
>> On 08/04/14 19:57, Alexandre Beauclair wrote:
>>> Thanks a lot!
>>> It worked perfectly to set the Primary GID.
>>> That's one down and I feel I'm finally getting somehwere. Now for the Home Directory attribute, we need them to point to /home/users/DOMAIN/username. The member machine has no trouble reading it from the UNIX attributes, but it doesn't seem to be able to from the Samba4 Server. It keeps pointing to /home/DOMAIN/username, which I believe is the default for Samba4. Is there some place else I have to configure it? Looking at my previous problems, I'm beginning to think I'm just not looking at the right place to configure these...
>>>
>>> Alexandre Beauclair
>> Hi, I take it this is on the samba4 server? if so, you could try
>> using sssd (damn I am not supposed to recommend this, the devs don't
>> like it ;-) )
> Argggh. Please stop (not the recommending of sssd, but the
> 'the devs don't like it' bullshit :-).
>
> ON THE RECORD !!!! I am fine with sssd, I think it's great.
> Simo (who is a core Samba Team member) and the other sssd
> devs do great with their product. It's a modern clean design
> with great technology. It just doesn't happen to be supported
> on this list.
>
> What I object to is the promotion of 'use sssd, winbindd
> is shit' comments on the samba-technical and samba lists.
> It's just not the place !
>
> If you want to wave flags for one solution or another
> just don't do it on the lists for either of the solutions
> (I'm sure the sssd lists wouldn't appreciate comments like
> 'sssd is shit, use winbindd' either :-).
>
> Now is that so hard ?
>
> :-).
>
> Jeremy.
Jeremy, I thought before I posted, and I was being sarcastic in the way 
I posted. I wouldn't have posted except for the fact that in this 
instance, sssd actually works in the way that the OP wants, whereas the 
builtin winbind doesn't.

I do not recommend sssd on the list any more except in this case, 
because the last time I did, YOU told me not to!

I  have found out why I could never get the winbind ad backend to work 
for me, you have to jump through a series of hoops, users have to have a 
uidnumber & gidNumber, groups have to have a gidNumber and NONE of these 
must be below the lower range you set in smb.conf. It was the later that 
got me, I stupidly gave Domain Users the gidnumber of '100', this I 
based on samba4 giving the group the same xidNumber in idmap.ldb.

Having said all this, I will not mention sssd here again.

Rowland


More information about the samba mailing list