[Samba] Validate Ids Multiple DC
Carlos A. P. Cunha
carlos.hollow at gmail.com
Fri Jan 29 15:42:18 UTC 2016
Hello!
No, the first DC was a migration of a Win Server 2003, and the second DC
Samba only.
Yes, but already I posted the smb new post.
smb.conf
# Global parameters
[global]
workgroup = SERVERAD
realm = mydomain
netbios name = DC-LINUX1 (and DC-LINUX2)
server role = active directory domain controller
passdb backend = samba_dsdb
server services = s3fs, rpc, nbt, wrepl, ldap, CLDAP, kdc, drepl,
winbindd, ntp_signd, kcc, dnsupdate
map archive = No
map readonly = no
store the attributes = Yes
vfs objects = dfs_samba4 acl_xattr
idmap_ldb: use RFC2307 = yes
kerberos method = system keytab
client ldap sasl wrapping = sign
allow DNS updates = nonsecure and secure
nsupdate command = / usr / bin / nsupdate -g
## Map id's to outside domain to tdb files.
idmap config *: backend = tdb
idmap config *: range = 2000-9999
### Map IDs from the domain and (*) the range may not overlap!
idmap config SERVERAD: backend = ad
idmap config SERVERAD: schema_mode = RFC2307
idmap config SERVERAD: range = 10000-3999999
## Use home directory and shell information from AD
winbind nss info = RFC2307
winbind trusted domains only = on
winbind use default domain = yes
winbind expand groups = 4
# Disable Cups
load printers = no
printing = bsd
printcap name = / dev / null
spoolss disable = yes
DC-LINUX1
id userproxy01
uid = 3000370 (SERVERAD \ userproxy01) gid = 100 (users) groups = 100
(users), 3000370 (SERVERAD \ userproxy01), 3,000,001 (BUILTIN \ users)
getent passwd userproxy01
SERVERAD \ userproxy01: *: 3000370: 100: userproxy01: / home / SERVERAD
/ userproxy01: / bin / false
DC-LINUX2
id userproxy01
uid = 3000036 (SERVERAD \ userproxy01) gid = 100 (users) groups = 100
(users), 3000036 (SERVERAD \ userproxy01), 3,000,001 (BUILTIN \ users)
getent passwd userproxy01
SERVERAD \ userproxy01: *: 3000036: 100: userproxy01: / home / SERVERAD
/ userproxy01: / bin / false
Em 29-01-2016 13:34, Rowland penny escreveu:
> On 29/01/16 15:26, Carlos A. P. Cunha wrote:
>> At first no, but I find it strange tere different ids...
>
>
> Can you post your smb.conf.
>
> Have you given any of your users & groups a uidNumber or gidNumber ?
> How many DCs have you ?
>
> Rowland
>
>>
>> Please if you can have your sm.conf would help.
>>
>
>
More information about the samba
mailing list