[Samba] posix gid mapping of built-in groups
L.P.H. van Belle
belle at bazuin.nl
Fri Jun 27 05:28:29 MDT 2014
and same here... but... i got rid of it.
It has something to do with the order of setting the nis UID and GID.
What i did, i dropped the complete samba db ( aka new provisioning )
after the new provisioning it set
idmap config DOMAIN:range = 5000-40000
in smb.conf
changed it straight after that in the samba sam database.
( default is 10000, i lowered to 5000 )
the i first did set the group gid
and then the users.
and it was gone..
but what it caused i dont know.
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: sven.schwedas at tao.at
>[mailto:samba-bounces at lists.samba.org] Namens Sven Schwedas
>Verzonden: vrijdag 27 juni 2014 12:47
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] posix gid mapping of built-in groups
>
>On 2014-06-27 11:51, Henrik Langos wrote:
>> Hi Sven,
>>
>> On 06/23/14 14:40, Sven Schwedas wrote:
>>> On 2014-06-23 13:32, Henrik Langos wrote:
>>>> Hi Louis,
>>>>
>>>> Thank you for the link. I've seen your scripts before and
>it was on my
>>>> todo list to check it out and maybe even update the wiki
>>>> with a reference to it:
>>>> https://wiki.samba.org/index.php/SysVol_Replication
>>>>
>>>> However, my problem arises from not having Windows AD
>groups mapped to
>>>> the same posix uidnumber on all AD DCs, not from having
>changes made on
>>>> different DCs.
>>>>
>>>> Is there a down side to providing posix gid numbers to all
>AD built-in
>>>> groups?
>>>> Does anybody have experience with that approach?
>>> As far as I know, there is no downside, and it might even
>be necessary
>>> for winbind; we're running with Posix attributes on all our groups
>>> without issues so far.
>>
>> I've added Unix attributes to all my groups using ADUC.
>> Now every time I enter the "UNIX Attributes" tab in the properties
>> of those groups, I get a small error dialog saying "Execution denied"
>> (actually it says "Ausführung verweigert" as it is a German
>Windows 7 ).
>>
>> I click on OK (there is no other button) and I get to edit the Unix
>> attributes.
>> It doesn't seem to cause trouble apart from that little dialog.
>> Still I'd like to know what is happening there.
>>
>> Any hint on what is to be executed and how to fix the issue?
>> Ideas how I may debug this ?
>
>We're actually having the same issue. I haven't found the
>cause yet, but
>it /appears/ to be harmless.
>
>>
>> cheers
>> -henrik
>>
>
>--
>Mit freundlichen Grüßen, / Best Regards,
>Sven Schwedas
>Systemadministrator
>TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
>Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167
>http://software.tao.at
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list