[Samba] Samba 4 permissions error
Rowland penny
rpenny at samba.org
Thu Apr 28 17:07:35 UTC 2016
On 28/04/16 18:03, Jason Voorhees wrote:
> On Thu, Apr 28, 2016 at 2:13 AM, Rowland penny <rpenny at samba.org> wrote:
>> On 28/04/16 07:31, Mueller wrote:
>>> This is a normal behaviour if you are using several dcs. Users und groups
>>> do have another gid/uid on each server
>>> until you fix it manually. This was a hard experiennce and work even fo
>>> rme which I suggest that this should be
>>> the next goal for the samba 4 developers to solve and fix it in an easy
>>> way for the admins.
>>> In my opinion, if I run several dcs in a domain this should be done
>>> between the dcs automatically without intervention.
>>>
>>> Greetings
>>> Daniel
>>>
>>> EDV Daniel Müller
>>>
>>>
>>>
>> It isn't really a problem until you start copying files between DCs by means
>> other than Samba ones. It is very similar to using the 'rid' backend i.e.
>> Samba creates the UID , but with one big difference, the 'rid' backend
>> calculates the UID from the users RID, this way, the user should get the
>> same UID wherever the 'rid' backend is used. With idmap.ldb, the user just
>> gets the next UID available i.e. first come, first served.
>>
>> In my opinion, the 'Well known SIDs' need to be allocated fixed IDs and then
>> winbind usage brought into line with the way a 'domain member' works.
>>
> Now I can barely understand what the problem might be. I'll take a
> look at the wiki page to better understand what's wrong and how to fix
> it.
>
> I'll be back... Have a nice day :)
The fix is fairly simple, you need to copy idmap.ldb from the first DC
to the second and then keep them in sync.
Rowland
More information about the samba
mailing list