[Samba] uidNumber. ( Was: What is --rfc2307-from-nss ??)
Rowland Penny
rowlandpenny at googlemail.com
Tue Dec 2 12:47:50 MST 2014
On 02/12/14 19:24, Greg Zartman wrote:
> On Tue, Dec 2, 2014 at 11:15 AM, Rowland Penny
> <rowlandpenny at googlemail.com <mailto:rowlandpenny at googlemail.com>> wrote:
>
>
> Doh, I missed that, well spotted Steve.
>
> Do not alter idmap.ldb, leave it alone, use RFC2307 attributes
> where possible and join my campaign to get winbindd to pull all
> the attributes :-D
>
>
> So, the xidNumber isn't needed? I'm going to be use SSSD for local
> auth, which pulls uidNumber from the AD, but didn't know if something
> else uses xidNumber
>
> Greg
>
If you examine idmap.ldb with ldbedit, you will see it contains records
for builtin users/groups AND domain users/groups. On the samba 4 AD DC,
if you do not use RFC2307 attributes, the domain users/groups
xidNumber's are used via winbind, but if you do use the RFC2307
attributes for domain users/groups, then the xidNumbers are ignored. The
builtin users/groups always use the xidNumbers, you do not need to
concern yourself these.
Rowland
More information about the samba
mailing list