[Samba] Samba 4 two DCs no matching UID/GID

Tim rintimtim at gmx.net
Tue Dec 9 15:49:33 MST 2014

But will this idmap.ldb change work for upcoming new users or groups so that uid/gid will not be different?

The wiki tells us about built-in groups. Those have the right ids.

Am 9. Dezember 2014 23:03:44 MEZ, schrieb Rowland Penny <rowlandpenny at googlemail.com>:
>On 09/12/14 21:07, Tim wrote:
>> Hello all,
>> I have a fresh install of two CentOS 7 machines. On DC1 I made a
>domain provision with --use-rfc2307. In DC2 I made a join as DC - both
>exactly as the wiki advised.
>> In fact of its missing I added the idmap use rfc2307 yes parameter to
>> I will have an extra share on both DCs.
>> Today I realized, that wbinfo shows different UID/GID for the same
>users or groups on the DC's.
>> I created the users/groups via RSAT. I don't have a Unix attributes
>tab in RSAT. Is that my problem for different uid/gid?
>> Thanks in advance
>> Tim
>Hi, I think your problem is that idmap.ldb does not replicate to the
>DC, this means that users get different UID's on the two DC's.
>If you run:
>ldbedit -e nano -H /var/lib/samba/private/idmap.ldb
>on each DC, you will be able to see the differences.
>The cure ? copy idmap.ldb from the first DC to any secondary DC's after
>the join.
>It is documented here: 
>https://wiki.samba.org/index.php/Join_a_domain_as_a_DC , near the
>of the page.
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list