[Samba] FreeBSD winbind UID/GID mapping weirdness

Doug Meredith doug.meredith at skyridge.com
Wed Mar 26 18:16:54 MDT 2014

Quick summary:  On FreeBSD 10, Winbind is giving me locally mapped UIDs &
GIDS, rather than the ones specified in AD.

I have two test member servers set up.  A CentOS server running Sernet
Samba 4.1.6 and a FreeBSD server running Samba 4.1.6 built from source.

On CentOS, "getent group {group name}" gives me the correct GID assigned in
AD.  On FreeBSD I am given a value from the 70000 range specified as the
wildcard mapping.  I am using exactly the same smb.conf on both systems.
 This same behavior is shown for all groups and users.

wbinfo -g and wbinfo -u works on both hosts.

The smb.conf is as follows:


   workgroup = DSTRC
   security = ADS
   realm = DSTRC.ORG
   encrypt passwords = yes

   idmap config *:backend = tdb
   idmap config *:range = 70001-80000
   idmap config DSTRC:backend = ad
   idmap config DSTRC:schema_mode = rfc2307
   idmap config DSTRC:range = 500-40000

   winbind nss info = rfc2307
   winbind trusted domains only = no
   winbind use default domain = yes
   winbind enum users  = yes
   winbind enum groups = yes

   vfs objects = acl_xattr
   map acl inherit = Yes
   store dos attributes = Yes

   printcap name = /dev/null
   load printers = no
   disable spoolss = yes
   printing = bsd

Any help would be appreciated.


More information about the samba mailing list