[Samba] AD and Linux UID/GID best practices.

Sven Schwedas sven.schwedas at tao.at
Tue Feb 18 03:37:20 MST 2014


On 2014-02-18 10:39, Chan Min Wai wrote:
> Dear All,
> I've some question. 
> When I create new users/groups in AD DC. It seem that I still need to add UID and GID in unix attribute. 
> Possible my setup on rfc2370. 
> So I would like to check if there is any other way to do this without configuring UID and GID?

Short answer: No.

Long answer: Most certainly no, unless you don't need an AD in the first
place. If you're using neither Winbind nor SSSD and authenticate with
some hacked together LDAP adapter it might work, but you'll probably get
different UIDs/GIDs on different machines, which will create problems
sooner or later, and isn't half as reliable for authentication.

> Thank you. 
> Regards, 
> Chan Min Wai 

Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20140218/653011ea/attachment.pgp>

More information about the samba mailing list