[Samba] Rights issue on GPO

Achim Gottinger achim at ag-web.biz
Fri Jun 10 10:13:28 UTC 2016

> OK got it, the main difference is that ids => name mapping /is active/ 
> on DC. So you can avoid idmap.ldb syncing if you don't use 
> --numeric-ids in your rsync command… as long as receiving DC "knows" 
> the group (name will be resolved to ID so id mismatch doesn't matter).
> I think the wiki could be updated to completly remove the 4.2 
> statement if my assumption is correct because if receiving DC never 
> "saw" the BUILTIN group owning a file it'll still be mapped to the 
> same id as the sender… which let us in a inconsistent state
Does this work for you? Using xinetd method for rsync from the wiki user 
and group mapping does not happen. Using rsync over ssh works.


More information about the samba mailing list