[Samba] Mixed Samba4 and 3.6 uids/gids

William Ross william.ross at mercedes-benzsouthwest.co.uk
Mon Dec 22 14:35:20 MST 2014

On 22/12/14 19:04, Rowland Penny wrote:
>On 22/12/14 17:22, Denis Cardon wrote:
>> Hi William,
>>> I have an AD domain (Samba 4.1.13 domain controllers) and some Samba 
>>> 3.6 clients.
>>> I would like the uid/gid mappings to be consistent across the two 
>>> sets of machines.
>> By the way, samba 3.6 is going end of life pretty soon (see the recent
>> 4.2RC3 release notes), you should upgrade your 3.6 domain members to
>> samba4 too.
>> Cheers,
>> Denis
>Hi, what you are saying Denis is true as far as it goes, but the OP also
needs to add the
>required RFC2307 attributes (uidNumber, gidNumber) to the user & group

Does upgrading the member servers to Samba 4 mean they can share the uid/gid
mapping the
Samba 4 DCs are currently using?

According to https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
I would still
need to use:

idmap config DOMAIN : backend = ad

for a member server even under Samba 4. Which would mean I would need to
populate the
uid/gid attributes within AD.
At present, presumably my Samba4 DCs are storing a mapping in the .ldb/.tdb
files in
/usr/local/samba/private (hidden from AD). Is there no way to use the same
mapping on a
member server?

More information about the samba mailing list