[Samba] Winbind rid + SID History creating duplicate per-user groups
steve
steve at steve-ss.com
Wed Jul 30 03:47:48 MDT 2014
On Tue, 2014-07-29 at 16:50 -0400, Josh Kelley wrote:
> On Tue, Jul 29, 2014 at 4:17 AM, steve <steve at steve-ss.com> wrote:
> > Hi
> > You need both
> > 1. the *
> > and the
> > 2. MYDOMAIN
> > ranges listed in [global]
> > and
> > 3. Those ranges must not overlap.
>
> Thanks. I thought I had the MYDOMAIN working by itself, but I think
> my mistake was that I'd failed to clear winbind's caches and was
> seeing old info. (I don't know if there's a recommended way of
> testing winbind configs besides deleting winbind*.tdb and
> gencache*.tdb between tests.)
Hi
We use:
net cache flush
HTH,
Steve
>
> > If you want consistent id mapping across the whole of the domain you
> > must put your uid:gid pairs in AD and use the AD backend. It may be
> > possible without but after years of trying, we've never achieved it.
>
> We've been using rid for consistent mapping for several years now.
> Prior to upgrading to Samba 4.x, it never caused problems.
>
More information about the samba
mailing list