[Samba] Sysvol replication with Unison for more than 2 server.

Rowland Penny rowlandpenny at googlemail.com
Sat Oct 4 08:31:01 MDT 2014

On 04/10/14 13:37, Vash wrote:
> Rowland Penny <rowlandpenny <at> googlemail.com> writes:
>> Yes they are, if you create a new user on a DC, it will replicate to any
>> other DC's and if you examine the users SID on each DC, they will all be
>> the same.
> Sorry Rowland, you're right about SID, but... if user has not activated
> rfc2307 and NIS, the uid/gid -> SID relationship could be different on each
> servers.

there is only a relationship between SID and uid/gid numbers if you use 
winbind and the rid backend and yes, they could be different on on each 
member server/client and they will definitely be different on the server.
If you do use the rfc2307 attributes and the winbind ad backend, then 
you will get the same uid/gid numbers everywhere.

> You can read it in "Possible problems, when RFC2307 is not used" section of
> this document:
> https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC
> That's what I meant before.
>> There is if you want to ensure that the builtin users have the same
>> xidNumbers on all DC's
> So... Why is there the need of copy idmap.ldb if rfc2307 and NIS are activated?
> Just to understand.

Because the xidNumbers for the builtin users/groups stored in idmap.ldb 
can and probably will be different on each DC.

>> Using rfc2307 should be the default (in my opinion), NIS extensions are
>> the default. But having said that, this has nothing to do with the problem.
> rfc2307 isn't the default.
> Option --use-rfc2307 during domain provisioning is needed.

All that does is place a line in smb.conf. Everything else is there 
whether or not you use rfc2307 attributes.

>> correct, but as I said we really are discussing xidNumber's.
> are xidNumber attribute stored in idmap.ldb?

Yes, that is what it is for, have you tried reading its contents?

> --
> Eros

More information about the samba mailing list