[Samba] ldbedit: no matching records - cannot edit (newly-created user)

Sketch smblist at rednsx.org
Fri Sep 11 15:27:59 UTC 2015

On Fri, 11 Sep 2015, Jim Seymour wrote:

> It may seem odd, to some of you, but when my multi-platform users log on
> to MS-Win or *nix: They expect to see their files and directories,
> regardless of which platform they're using.  They don't expect to see
> their "Windows stuff" in one place and their "Unix stuff" in another.
> So, yes, the UIDs/GIDs have to be *nix user UIDs and GIDs.

I think you misunderstood my response.  Let me restate:

The actual maximum UID on modern Linux systems is 2147483647 (2^31). 
UID_MAX does not define the maximum number for UIDs, it defines the 
maximum number that adduser will use when creating local users in 
/etc/passwd.  When you are creating users in Samba or LDAP or any other 
non-local directory, you are not using adduser or similar tools, so 
UID_MAX is irrelevant.

On my active directory domain member CentOS Linux workstation:

$ uname -o -r
3.10.0-229.7.2.el7.x86_64 GNU/Linux
$ grep ^UID_MAX /etc/login.defs
UID_MAX                 60000
$ id -u

My suggestion for non-overlapping UID ranges is merely a way to try to 
avoid human error in the case of potentially creating both local 
(/etc/passwd) and non-local (LDAP) users with the same UID.  That would 
result in the kernel and filesystem treating them as the same user, which 
could at best be confusing, and at worst be a security issue.

More information about the samba mailing list