[Samba] Winbind rid + SID History creating duplicate per-user groups
joshkel at gmail.com
Tue Jul 29 15:15:53 MDT 2014
On Mon, Jul 28, 2014 at 11:42 AM, Rowland Penny
<rowlandpenny at googlemail.com> wrote:
> There is quite a lot of your smb.conf that is not really required any more,
> have a look here:
Thanks. I'll work on cleaning it up.
> I do not think that winbind itself can create users and groups, simplifying
> things a lot, it just pulls info from somewhere, in this case the AD
> database, so if your users have a group with the same name as their
> username, somebody or something is creating them.
Maybe my choice of terminology was poor? Winbind creates Unix users
and groups that correspond to the info that it pulls from Active
After spending far too much time experimenting with old versions, I
discovered that winbind *does* create per-user groups (sometimes
referred to as "user private groups"), starting with 4.0.5. More
User private groups is apparently a feature and cannot be disabled. I
don't know (or don't know the intricacies of user/group mapping and AD
compatibility well enough to understand) why it was added, but it
should generally be harmless for a Unix environment.
I believe that the fact that SID history can cause duplicate groups to
be created is a bug, and I've logged it at
Thanks for your help.
More information about the samba