[Samba] idmap config / Is it necessary in my smb.conf file?

Michael Adam obnox at samba.org
Tue May 6 10:36:09 MDT 2014

On 2014-05-06 at 10:44 -0400, lp101 wrote:
>     I have a bit more clarity after reading the link I posted. If
> I'm correct I only need to define these settings on the member
> server? This way the member server can translate the Windows SIDs
> (from the Domain Controllers) to UID/GIDs (on the member server).
> Correct?

Correct. Currently only the member server running the external
winbindd daemon understands these settings.

For the AD/DC setup, these won't have any effect.

Cheers - Michael

> -James
> On 5/5/2014 3:55 PM, lp101 wrote:
> >I'm unclear on exactly if I need this in my smb.conf file. I've
> >provisioned my domain with --use-rfc2307 but did not do any
> >further mapping of UID and GUID in my smb.conf file. I'm currently
> >running 6 Samba4 DC's and am in the process of adding member
> >servers for file sharing. Following the wiki for AD Member Server
> >setup I'm asked to enter idmap config data in my smb.conf file.
> >This is what spawned this question. Must I go back to my DC's and
> >enter this info prior to setup of the member server and join? T
> >
> >idmap config *:backend = tdb
> >    idmap config *:range = 70001-80000
> >    idmap config SAMDOM:backend = ad
> >    idmap config SAMDOM:schema_mode = rfc2307
> >    idmap config SAMDOM:range = 500-40000
> >
> >
> >
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20140506/37ae6d03/attachment.pgp>

More information about the samba mailing list