[Samba] New User NIS Domain & UID

Rowland Penny rowlandpenny241155 at gmail.com
Sat Nov 14 07:44:41 UTC 2015

On 14/11/15 05:25, Henry McLaughlin wrote:
> I have created an AD domain controller using the following guide:
> wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller
> I am seeking to setup a domain member using the following guide:
> wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member
> I have opted to use idmap_ad using the following guide:
> wiki.samba.org/index.php/Idmap_config_ad
> All of the kerberos and DNS tests pass.
> On the member server wbinfo -u lists all the users
> user1 at jupiter:~$ wbinfo -u
> JUPITER\user1
> user2
> user1
> administrator
> krbtgt
> guest
> On the member server wbinfo -g lists all the groups:
> user1 at jupiter:~$ wbinfo -g
> allowed rodc password replication group
> enterprise read-only domain controllers
> denied rodc password replication group
> read-only domain controllers
> group policy creator owners
> ras and ias servers
> domain controllers
> enterprise admins
> domain computers
> cert publishers
> dnsupdateproxy
> domain admins
> domain guests
> schema admins
> domain users
> dnsadmins
> On the member server getent passwd only lists only the users where a unix
> id has been set in ADUC.

This is correct.

> Does this mean the NIS domain and UID must be set for every user manually
> using the following:
> wiki.samba.org/index.php/Administer_Unix_Attributes_in_AD_via_ADUC

Yes, or you can use samba-tool

> It appears strange that this is not done when the domain was originally
> provisioned.

Why, how would the provision know that you have any Unix users, or what 
number to start them from.

> When creating a new user is there a way to specify a default NIS domain and
> have the UID set automatically?

Using samba-tool you can sort of do this, if you run 'samba-tool user 
create --help' it will list all the options you can set, but you will 
still have to give the NIS domain and UID.


More information about the samba mailing list