[Samba] UID and GID mapping throw DC and Member DC

Jhon P patocius at hotmail.com
Wed Mar 25 06:36:14 MDT 2015 

Ok, im try add uidNumber for the user and it works, on both servers UID is equal. :-)
I can change the uid of the administrator or it may cause problems?

 Greetings.



> Date: Mon, 23 Mar 2015 21:47:20 +0000
> From: rowlandpenny at googlemail.com
> To: samba at lists.samba.org
> Subject: Re: [Samba] UID and GID mapping throw DC and Member DC
> 
> On 23/03/15 21:37, Jhon P wrote:
> > Correct me if I'm wrong?
> >
> > You say that by RSAT and NIS I add a uid and gid for each user in the DC.
> 
> NO, you need to add a 'uidNumber' attribute to each user that you want 
> to be visible to Unix, you also need to add a 'gidNumber' attribute to 
> the groups that you want to be visible, at a minimum 'Domain Users'. 
> These are the numbers that have to be inside the range set in smb.conf.
> 
> > As mentioned here:
> > https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC#Check_if_RFC2307_is_used_by_your_Domain_Controllers
> >
> > If I do this, users are added to the passwd file on the domain 
> > controller or saved to the db sam?
> >
> 
> Do not add any users to /etc/passwd (via useradd) that you want to be 
> domain users, your users are either domain users or local users, they 
> cannot be both in a Active directory domain.
> 
> 
> > Im go to try this tomorrow.
> >
> > That big problem is not provisioned with RFC2307!!!!
> >
> >
> 
> Yes but you have updated your AD by following the wiki page I pointed 
> you at, haven't you ??
> 
> Rowland
> 
> > > Date: Mon, 23 Mar 2015 20:55:23 +0000
> > > From: rowlandpenny at googlemail.com
> > > To: samba at lists.samba.org
> > > Subject: Re: [Samba] UID and GID mapping throw DC and Member DC
> > >
> > > On 23/03/15 20:28, Jhon P wrote:
> > > > Question:
> > > > When you add users to the ADDC the UID users are always going to be
> > > > different from those obtained by the DC winbind Member?
> > >
> > > If you add uidNumbers & gidNumbers to users and groups you will get the
> > > same ID numbers everywhere, here is an example:
> > >
> > > On a DC:
> > >
> > > root at dc01:~# getent passwd rowland
> > > EXAMPLE\rowland:*:10000:10000:Rowland 
> > Penny:/home/EXAMPLE/rowland:/bin/bash
> > >
> > > And on my laptop (a linux client):
> > >
> > > rowland at ThinkPad ~ $ getent passwd rowland
> > > rowland:*:10000:10000::/home/rowland:/bin/bash
> > >
> > > >
> > > > I talk about destroy the member server, because I have the freedom to
> > > > do it again if necessary, this server is not in production.
> > > >
> > > > Regards.
> > > >
> > >
> > > Rowland
> > >
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions: https://lists.samba.org/mailman/options/samba
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list