[Samba] Samba4 Domain Member Server "Getent show diferents UID"

Rowland penny rpenny at samba.org
Mon Jun 13 19:14:21 UTC 2016

On 13/06/16 19:37, Juan Ignacio wrote:
> Rowland:
> I'll use this email from now, the other does not work well.
> A few years ago around 2.
> We did everything that could be used for NIX and it worked.
> The main DC_AD had been provisioned without rfc2307 and we did later.
> The problem is that at that time by not having infrastructure had to 
> be used as fileserver and this was a problem because all directories 
> are UID of 3000000 onwards.
> Now I installed a new server following the procedure here:
> https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member
> All seems to work well but UIDs are different when for example I run
> wbinfo --user-info = uanaco
> Primary AD-DC
> ADDC1 \ uanaco: *: 3000783: 100: uanaco: / home / ADDC1 / uanaco: / 
> bin / false
> member Server
> uanaco: *: 100642: 100008: uanaco: / home / ADDC1 / uanaco: / bin / false
> This is a problem because my intention is to use this file server and 
> testify pass all directories Primary AD-DC to Member Server.
> Is there any way the member server read the same UID as the primary-
> Thank Rowland.

Yes, but what does 'getent passwd ADDC1\uanaco' on the DC show ???
if it shows '3000783' as the users UID, then, unless you have set the 
users uidNumber attribute to 3000783, you are not using RFC2307 
attributes. This is further backed up by the fact that the same user may 
get '100642' as its UID on the domain member.

Few questions:
Have you given your users a uidNumber attribute ?
Have you given 'Domain Users' (at least) a gidNumber attribute ?
If you have done the above, have you run 'net cache flush' on the DC ?
Is PAM set up correctly on the DC and domain member ?


More information about the samba mailing list