[Samba] UID and GID mapping throw DC and Member DC
Rowland Penny
rowlandpenny at googlemail.com
Mon Mar 23 12:43:21 MDT 2015
On 23/03/15 18:27, Jhon P wrote:
> After tried to solve the problem with "getent", I found another
> problem with the Member server.
>
> The member server works well, but the "uid" and "gid" mapping for
> users its incorrect.
>
> In the DC the "UID" "GID" its around 3000085
>
> In the Member Server its around 2000 - 3000
>
> For example:
>
>
> ADDC Server.
> ---------------------
> root at ACDC:/# wbinfo --user-info=Prueba
> KENNEDY\prueba:*_:3000022:100_:Prueba:/home/KENNEDY/prueba:/bin/false
The '3000022' is coming from winbind mapping the users RID
>
> MEMBER SERVER
> -----------------------
> root at MEMBERSERVER/home/prueba# wbinfo --user-info=prueba
> prueba:*:_2451:2004_:Prueba:/home/KENNEDY/prueba:/bin/false
>
The '2451' is again coming from winbind mapping the users RID, but
because you are using different winbinds on the DC and the member
server, you are getting different numbers. This is just one of the
reasons not use the DC for anything other than authentication.
You could try adding a 'uidNumber' to your AD users and a 'gidNumber' to
'Domain Users', these numbers need to be inside the range set in the
member server smb.conf, for instance if you follow the member server
page on the wiki, not less than 2000 and not more than 999999.
I must point out that if this does not work, it may be time to get the
sledgehammer out :-)
Rowland
> Any way to solve this.
More information about the samba
mailing list