[Samba] Samba4 AD -- Mac OS X clients uid:gid numbers not consistent

Arun Khan knura9 at gmail.com
Wed Sep 10 05:57:51 MDT 2014

SOLVED sort of.   I was going to post this later today but here it is.

On Wed, Sep 10, 2014 at 2:46 PM, Rowland Penny
<rowlandpenny at googlemail.com> wrote:
> OK, I think that if you do want to get the users to have the same ID number
> everywhere, you are going to have to use uidNumber's & gidNumber's on the AD
> server, set sssd to use these and then investigate just how you get your mac
> machines to use them .

Thanks for the response.

The sssd.conf comes Linux (CentOS) clients and indeed they appear to
be consistent with Windows desktops.

After much searching and experimentation, came to conclusion that OS X
does it own uid:gid mapping (consistent with Ralph Bohme's response in
this thread); it  would not work for NFS mounts which the client was
insisting on.

The solution that works for Mac OS X + AD authentication -- the
network shares have to be mounted as SMBFS; the  uid:gid names map
properly across Linux, Windows and OS X.  Interestingly, the blogs and
OS X best practices, that I have come across, do not discuss this
nuance.  The client has reluctantly accepted this solution.

Hope this helps.
-- Arun Khan

More information about the samba mailing list