[Samba] Consistent UID/GID mappings?

Alexandre Beauclair beauclaira at lexum.com
Tue Apr 22 13:17:19 MDT 2014


Yes, I have followed the procedure to create my share.

What it appeared to be was that upon logging on Windows, it did not pull the UID and GID numbers from the Unix Attributes tab of ADUC, and so used a generated number (3000044).
In ADUC, I had both a UID and GID number for my user.
Then I remembered seeing this work back when I was trying to get consistent UIDs on across Linux machines, and was playing around with different idmap configs before finally switching over to SSSD. So I tried putting this back in smb.conf on the Samba4 server: idmap_ldb:use rfc2307 = yes.
I restarted Samba, then logged back in with test15, and it seems to be working! When I create a file, it now shows the owner as being test15 on Linux.
I probably should have left that there when I switched over from idmap config attempts to SSSD, but I was unaware of its importance. That was a newbie move on my part!

I'm learning something everyday!

Thanks for the continued support Rowland :)

Alexandre Beauclair

----- Original Message -----
From: "Rowland Penny" <rowlandpenny at googlemail.com>
Cc: samba at lists.samba.org
Sent: Tuesday, April 22, 2014 2:35:59 PM
Subject: Re: [Samba] Consistent UID/GID mappings?

On 22/04/14 18:37, Alexandre Beauclair wrote:
> Hi Rowland,
>
> Actually I meant for any share.
> Let's say a Windows user (test15) goes to the \\samba-master\documents\ samba share, then creates a file in it on Windows, on the Unix side of things, it shows the owner and group as a different user than the on that's connected to Windows (it shows the owner as 3000044 rather than test15). I believe Windows gets the user ID and associates it with its SID right? But what I need is for both Windows and Linux to see the same attributes, so that the user test15 has the same UID wether he logs in on Windows or Linux. Is there a way to make this work, so that on Windows it sees the test15 user and associates it with its correct UID (which has been set in ADUC as 23192)?
> The only thing I'm trying to get working right now is to make sure a user has the same UID everywhere it goes, be it on Linux or Windows.
>
> Alexandre Beauclair

OK, first things first, have you followed the procedure laid out here:
https://wiki.samba.org/index.php/Setting_up_a_home_share

When you connect to the samba share on the member server from a windows 
client as user test15, any files and/or directories that the user 
creates should be owned by test15 and their main linux group.

If samba is showing the user as 3000044, then linux does not know who 
they are, does user test15 have a gidNumber ? a windows user needs both 
to work correctly with samba & linux.

Linux knows nothing about SID,s & RID's, it only knows about uid & gid 
numbers, when it comes to AD, it gets these from the users uidNumber & 
gidNumber attributes, you need both and something for pull them from AD.

Rowland


>
> ----- Original Message -----
> From: "Rowland Penny" <rowlandpenny at googlemail.com>
> To: samba at lists.samba.org
> Sent: Tuesday, April 22, 2014 12:08:23 PM
> Subject: Re: [Samba] Consistent UID/GID mappings?
>
> On 22/04/14 17:01, Alexandre Beauclair wrote:
>> Hello once again!
>>
>> So I got everything to work on the Linux side of things using SSSD.
>> Now on to Windows. It seems it doesn't get the correct UID/GID when creating files in a Samba Share.
>> For example, on Linux I can see the following info for user test11:
>>
>> [root at samba-master ~]# getent passwd test15
>> test15:*:23192:50001:test15:/home/users/domain/test15:/bin/bash
>>
>> However, if I go in a share on my Windows client and create a file, this is what I get:
>>
>> [root at samba-master share]# ls -l
>> -rwxrwxrwx+ 1 3000044 3000040 0 Apr 22 11:59 file.txt
>>
>> Is there a way for Windows to use the Unix attributes?
>>
>> Alexandre Beauclair
>>
>> ----- Original Message -----
>> From: "Alexandre Beauclair" <beauclaira at lexum.com>
>> To: "steve" <steve at steve-ss.com>
>> Cc: samba at lists.samba.org
>> Sent: Wednesday, April 9, 2014 2:39:12 PM
>> Subject: Re: [Samba] Consistent UID/GID mappings?
>>
>> Following all your recommendations, I switched over to SSSD.
>> After a bit of fiddling, I got it working, and everything works like a charm!
>>
>> Thanks to all of you for the support!
>>
>> Alexandre Beauclair
>>
>> ----- Original Message -----
>> From: "steve" <steve at steve-ss.com>
>> To: "Alexandre Beauclair" <beauclaira at lexum.com>
>> Cc: "Marc Muehlfeld" <samba at marc-muehlfeld.de>, samba at lists.samba.org
>> Sent: Wednesday, April 9, 2014 4:49:22 AM
>> Subject: Re: [Samba] Consistent UID/GID mappings?
>>
>> On Tue, 2014-04-08 at 14:57 -0400, Alexandre Beauclair wrote:
>>> Thanks a lot!
>>> It worked perfectly to set the Primary GID.
>>> That's one down and I feel I'm finally getting somehwere. Now for the Home Directory attribute, we need them to point to /home/users/DOMAIN/username. The member machine has no trouble reading it from the UNIX attributes, but it doesn't seem to be able to from the Samba4 Server. It keeps pointing to /home/DOMAIN/username, which I believe is the default for Samba4. Is there some place else I have to configure it? Looking at my previous problems, I'm beginning to think I'm just not looking at the right place to configure these...
>> On the DC, winbind can't fetch anything other than uidNumber and
>> gidNumber. Use nslcd or sssd instead. In fact, use them on all your
>> Linux boxes.
>> HTH
>> Steve
>>
>>
> I take it you are referring to a users home directory, if so, have a
> read here:
>
> https://wiki.samba.org/index.php/Setting_up_a_home_share
>
> Rowland
>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba


More information about the samba mailing list