[Samba] uidNumber. ( Was: What is --rfc2307-from-nss ??)
Rowland Penny
rowlandpenny at googlemail.com
Tue Dec 2 12:15:49 MST 2014
On 02/12/14 18:47, steve wrote:
> On 02/12/14 09:29, Greg Zartman wrote:
>
>>
>> I think I've finally got this all sorted out. After I setup a user
>> using
>> samba-tool user create, I'll pull the RID for this new user and then set
>> the UID/GID = RID + 3000. I'll then set xidNumber =
>> UIDNumber(GIDNumber),
>> as appropriate.
>
> I'd recommend using only 1 database for all your users (AD) and leave
> xidNumber in the independent idmap database and use that only for the
> builtin groups. That way, your users get replicated with exactly the
> same attributes to all DCs. idmap is not replicated and so you end up
> with users only being recognised on the DC which happened to be
> queried when you created the user. In all cases ever know to mankind,
> that's a mess. Stick to AD if you possibly can. Windows does.
> HTH,
> Steve
>
Doh, I missed that, well spotted Steve.
Do not alter idmap.ldb, leave it alone, use RFC2307 attributes where
possible and join my campaign to get winbindd to pull all the attributes
:-D
Rowland
More information about the samba
mailing list