[Samba] Winbind backend : rid is too much underappreciated

Marc Muehlfeld mmuehlfeld at samba.org
Sat Feb 21 14:09:54 MST 2015

Hello Miguel,

Am 21.02.2015 um 21:05 schrieb Miguel Medalha:
> After strugling for two days to configure a member server against a
> Samba Active Directory  with the ad/RFC2307 backend, I turned
> to the rid backend and voilà! all my problems are gone.

What problems did you had to get it running? I find it simple to setup.
And there's documentation about it in the Wiki, too. For setting up
RFC2307 in your AD and how member servers have to be configured (incl.
smb.conf example).

> Having to manually edit uids/gids in UNIX Attributes under
> RSAT does really suck!

My patch is already in master and currently in autobuild for 4.2. It
will allow you to create RFC2307 enabled accounts via samba-tool.

> The Administrator account is never correctly mapped and setting
> permissions on the member server becomes a PITA.

What do you mean with "admin is never correctly mapped"?

And what's wrong with the permission settings on members? From ACL
settings side (chown/chgrp or via Windows tools), there's no different,
what ID backend is used.

> How come this is not more widely known? Even the Samba Wiki page
> about the RID backend is empty!

I think most prefer the advantages of RFC2307.

The main reason why the Wiki page about it is still empty is, that I
didn't had time during the last weeks, to continue working on the
documentation. :-) But all important about it, including an example, you
also find in
# man idmap_rid


More information about the samba mailing list