[Samba] uidNumber. ( Was: What is --rfc2307-from-nss ??)

Rowland Penny rowlandpenny at googlemail.com
Tue Dec 2 12:15:49 MST 2014

On 02/12/14 18:47, steve wrote:
> On 02/12/14 09:29, Greg Zartman wrote:
>> I think I've finally got this all sorted out.  After I setup a user 
>> using
>> samba-tool user create, I'll pull the RID for this new user and then set
>> the UID/GID = RID + 3000.   I'll then set xidNumber = 
>> UIDNumber(GIDNumber),
>> as appropriate.
> I'd recommend using only 1 database for all your users (AD) and leave 
> xidNumber in the independent idmap database and use that only for the 
> builtin groups. That way, your users get replicated with exactly the 
> same attributes to all DCs. idmap is not replicated and so you end up 
> with users only being recognised on the DC which happened to be 
> queried when you created the user. In all cases ever know to mankind, 
> that's a mess. Stick to AD if you possibly can. Windows does.
> HTH,
> Steve
Doh, I missed that, well spotted Steve.

Do not alter idmap.ldb, leave it alone, use RFC2307 attributes where 
possible and join my campaign to get winbindd to pull all the attributes 


More information about the samba mailing list