[Samba] getent passwd & getent group returning UID and GID using Winbind 4.1.x series samba

Werthmuller, Derek dwerthmu at ctg.albany.edu
Mon Jan 13 20:12:47 MST 2014

Just to make sure that I'm on the right path to get this working the way I would like.

I have a linux file server that has used LDAP the user and group information in the past.  I would like to migrate (recreate) the same users and groups in the samba4 AD DC, adding the UID and GID attributes.  So that I don't have to change the UID and GID permissions on the file servers.

The migration plan would be to setup the new samba 4 server, get staff to reset their password on the new server.  Then upgrade samba on the file servers, point winbind to the new samba server and the migration at the server level would be done.   Users systems not all mobile and not members of the existing domains - so the scripts they use to connect to the shares would just need to make use of the new domain name in the share connection strings.

The problems I'm having now are that wbinfo -I username seems to return some mapped version of the AD user ID and group ID and not the UID and GID.

Account was created with:
sudo samba-tool user add <username> --uid-number=5000 gid-number=5000 home-directory=/exports/users/<usersname> login-shell=/bin/bash

Domain was provisioned with:
sudo /usr/bin/samba-tool domain provision --use-rfc2307 -interactive

Domain member server smb.conf
   idmap config DOM : backend = ad
   idmap config DOM : schema_mode = rfc2307
   idmap config DOM : range = 500-2000
   idmap_ldb : use rfc2307 = yes

   winbind enum users  = yes
   winbind enum groups = yes

What am I missing?  Linux authentication works but the user information is incorrect (wrong uid and gid)


More information about the samba mailing list