[Samba] Samba 4 two DCs no matching UID/GID
Rowland Penny
rowlandpenny at googlemail.com
Tue Dec 9 15:03:44 MST 2014
On 09/12/14 21:07, Tim wrote:
> Hello all,
>
> I have a fresh install of two CentOS 7 machines. On DC1 I made a domain provision with --use-rfc2307. In DC2 I made a join as DC - both exactly as the wiki advised.
>
> In fact of its missing I added the idmap use rfc2307 yes parameter to smb.conf.
>
> I will have an extra share on both DCs.
>
> Today I realized, that wbinfo shows different UID/GID for the same users or groups on the DC's.
>
> I created the users/groups via RSAT. I don't have a Unix attributes tab in RSAT. Is that my problem for different uid/gid?
>
> Thanks in advance
> Tim
Hi, I think your problem is that idmap.ldb does not replicate to the new
DC, this means that users get different UID's on the two DC's.
If you run:
ldbedit -e nano -H /var/lib/samba/private/idmap.ldb
on each DC, you will be able to see the differences.
The cure ? copy idmap.ldb from the first DC to any secondary DC's after
the join.
It is documented here:
https://wiki.samba.org/index.php/Join_a_domain_as_a_DC , near the bottom
of the page.
Rowland
More information about the samba
mailing list