[Samba] Strange GID and UID with winbindd + Samba AD DC
walk2sun at arcor.de
Fri Mar 14 04:23:23 MDT 2014
On 10:43:12 wrote Chan Min Wai:
> Dear Rowland and Steve,
> Thank you for the help.
> So confirm that there is nothing wrong with my configuration.
> But a Bugs in winbind. :)
No, i do not think so.
> Yea :)
> Thank again.
Group mapping is one of the complex things in samba.
Your configuration may or may not work. It depends on your needs.
i.e. you try to configure a member server. Fine.
allowed rodc password replication group:x:4294967295:
enterprise read-only domain controllers:x:4294967295:
denied rodc password replication group:x:4294967295:krbtgt
read-only domain controllers:x:4294967295:
group policy creator owners:x:4294967295:administrator
and so on...
All these groups has the same gidnumber. So for an posix filesystem all
are the same, but with different names and different members. The winner
One may ask an oracle?
You have asked:
There are some strange value UID/GID
4294967295 <-- what number is this?
4 billion is the highest integer your OS supports.
This number (minus 1) comes from the idmapping stuff.
All your BUILTIN groups have the same gidnumber. So fix your config as
Rowland posted before.
Think about "each group mmust have a unique gidnumber, on all servers in
your domain and if you use multiple domains all BUILTIN groups may have
a uniq gidnumber which should be the same for all domains"
More information about the samba