[Samba] idmap & migration to rfc2307

Rowland Penny rowlandpenny241155 at gmail.com
Sun Nov 8 09:29:07 UTC 2015

On 07/11/15 23:28, Michael Adam wrote:
> rsync will work if not using --numeric-ids.

OK, I know that logins will work on all the samba machines, but I am not 
sure what you say about rsync is correct, this is what 'man rsync' has 
to say about '--numeric-ids':

--numeric-ids           don't map uid/gid values by user/group name

So by my reading, if you don't use it, your uid/gids are mapped to the 
user/group and if you do, they aren't. From the problems that arose with 
trying to rsync Sysvol (yes I know this is useless on a Unix machine) 
where the xidNumbers are usually different from DC to DC, I am fairly 
sure this isn't going to work, the cure is to have the same idmap.ldb on 
all DCs.

There is also the problem of when a user creates a tarball on one 
machine and then copies it to another and unpacks it, they may find that 
all the files no longer belong to them.

If you log into *any* windows domain machine, you will get the same 
SID-RID, why should Unix be any different?


More information about the samba mailing list