[Samba] Mixed Samba4 and 3.6 uids/gids

Rowland Penny rowlandpenny at googlemail.com
Mon Dec 22 12:04:08 MST 2014


On 22/12/14 17:22, Denis Cardon wrote:
> Hi William,
>
>> I have an AD domain (Samba 4.1.13 domain controllers) and some Samba 3.6
>> clients.
>> I would like the uid/gid mappings to be consistent across the two 
>> sets of
>> machines.
>>
>> The Samba4 DCs have the following line in smb.conf:
>>
>> idmap_ldb:use rfc2307 = yes
>>
>> and their uids/gids are in sync across all four of them.
>>
>> The Samba 3.6 domain members currently have:
>>
>> idmap config MBSW : backend = rid
>> idmap config MBSW : range = 10000001-20000000
>
> if you are using rfc2307 on one side and rid on the other, it is 
> pretty sure that it won't be in sync. You should use rfc2307 also on 
> the samba 3.6, with something like
>
> [global]
>    workgroup = MONDOMAINE
>    security = ADS
>    realm = MONDOMAINE.LOCAL
>    idmap config *:backend = tdb
>    idmap config *:range = 70001-80000
>    idmap config MONDOMAINE:backend = ad
>    idmap config MONDOMAINE:schema_mode = rfc2307
>    idmap config MONDOMAINE:range = 500-40000
>
> By the way, samba 3.6 is going end of life pretty soon (see the recent 
> 4.2RC3 release notes), you should upgrade your 3.6 domain members to 
> samba4 too.
>
> Cheers,
>
> Denis
>
>
>>
>> in their smb.conf. As a result the uids/gids match between the Samba 3.6
>> domain members, but are completely different to the Samba4 DCs.
>>
>> Is there a way to configure the 3.6 domain members to use the same 
>> uid/gid
>> mapping as the Samba4 DCs?
>>
>> Many thanks,
>>
>> Will
>>
>
>

Hi, what you are saying Denis is true as far as it goes, but the OP also 
needs to add the required RFC2307 attributes (uidNumber, gidNumber) to 
the user & group objects.

Rowland



More information about the samba mailing list