[Samba] Winbind rid + SID History creating duplicate per-user groups
steve
steve at steve-ss.com
Tue Jul 29 02:17:18 MDT 2014
On Mon, 2014-07-28 at 10:52 -0400, Josh Kelley wrote:
> I had seen that the idmap directives were deprecated, and I tried
> updating them, but it didn't help. I tried both
> idmap config * : backend = rid
> idmap config * : range = 10000-30000
> and
> idmap config MYDOMAIN : backend = rid
> idmap config MYDOMAIN : range = 10000-30000
>
Hi
You need both
1. the *
and the
2. MYDOMAIN
ranges listed in [global]
and
3. Those ranges must not overlap.
If you want consistent id mapping across the whole of the domain you
must put your uid:gid pairs in AD and use the AD backend. It may be
possible without but after years of trying, we've never achieved it.
HTH
Steve
More information about the samba
mailing list