[Samba] uidNumber. ( Was: What is --rfc2307-from-nss ??)

Rowland Penny rowlandpenny at googlemail.com
Tue Dec 2 12:15:49 MST 2014


On 02/12/14 18:47, steve wrote:
> On 02/12/14 09:29, Greg Zartman wrote:
>
>>
>> I think I've finally got this all sorted out.  After I setup a user 
>> using
>> samba-tool user create, I'll pull the RID for this new user and then set
>> the UID/GID = RID + 3000.   I'll then set xidNumber = 
>> UIDNumber(GIDNumber),
>> as appropriate.
>
> I'd recommend using only 1 database for all your users (AD) and leave 
> xidNumber in the independent idmap database and use that only for the 
> builtin groups. That way, your users get replicated with exactly the 
> same attributes to all DCs. idmap is not replicated and so you end up 
> with users only being recognised on the DC which happened to be 
> queried when you created the user. In all cases ever know to mankind, 
> that's a mess. Stick to AD if you possibly can. Windows does.
> HTH,
> Steve
>
Doh, I missed that, well spotted Steve.

Do not alter idmap.ldb, leave it alone, use RFC2307 attributes where 
possible and join my campaign to get winbindd to pull all the attributes 
:-D

Rowland



More information about the samba mailing list