[Samba] userid shows 4294967295

Nico De Ranter nico.deranter at esaturnus.com
Tue Dec 8 08:51:35 UTC 2015


On Mon, Dec 7, 2015 at 5:27 PM, Rowland penny <rpenny at samba.org> wrote:

> On 07/12/15 16:08, Nico De Ranter wrote:
>
>>
>> I'm coming from a Debian system so my system accounts are below 1000,
>> regular accounts start at 1000. For some historical reason somebody gave
>> our main group id 500 so therefor I want my usable range to start at 500.
>>
>
> Bad idea, you will probably need at least one local Unix user, where are
> you going to put it. My advice would be to follow the Samba wiki and use
> the numbers you will find there.
>

It may be a bad idea but it is the reality I need to live with.  I'm adding
an AD domain to an existing Linux network.  Renumbering my existing Linux
users (and therefor ownership of all files on all linux systems) is simply
out of the question.

However I intend to assign unix properties to all my users and groups in AD
hand picking the ID's to match the existing ones anyway.  Any new user will
get an id above 10000.


>
>
>> Do I need both idmap config *:range and  idmap config SAMDOM:range?  I
>> also tried with only 'idmap config *:range' but that didn't seem to help.
>> I'll try again tomorrow.
>>
>
> Yes you do, the first is for the builtin user & group mappings and the
> second is for your AD users & groups.
>
>
>> I also noticed that my second AD didn't have rfc2307 enabled so that may
>> also have introduced some issues.
>>
>
> Not really, all the info should be in AD, you probably just need to add
> 'idmap_ldb:use rfc2307 = yes' to smb.conf on the second DC.
>
> Rowland
>
>
>> @Stefan Kania, thanks for the 'net cache flush', I didn't know that.
>>
>> Nico
>>
>>
Nico


-- 
Nico De Ranter

Operations Engineer

T. +32 16 40 12 82

M. +32 497 91 53 78


<http://www.esaturnus.com>



<http://www.esaturnus.com>




<http://www.esaturnus.com/company/news/313>



<http://www.esaturnus.com/>


More information about the samba mailing list