[Samba] Two DC but Different UID
Carlos A. P. Cunha
carlos.hollow at gmail.com
Tue Jun 14 16:52:35 UTC 2016
Okay, and how to do it?
Thanks
Em 14-06-2016 13:40, mathias dufresne escreveu:
> That's one things to add schema in your AD, that's another thing to
> use that schema.
>
> Adding schema for rfc2307 in AD grant you possibility to set
> uidNumber, gidNumber, loginShell and others attributes to your AD
> users. That grant you that possibility but you are free to use that
> possibility.
>
> Next step is to define xidNumber to your users.
>
> 2016-06-14 18:31 GMT+02:00 Carlos A. P. Cunha <carlos.hollow at gmail.com
> <mailto:carlos.hollow at gmail.com>>:
>
> Understood, I leave dess form, or may have problems
> As for examples, with fileserver (separately)?
> But I already was using the RFC2307, because in both I am with the
> option:
> idmap_ldb: use RFC2307 = yes
> ???
>
> Thank you
>
>
>
> Em 14-06-2016 13:13, Rowland penny escreveu:
>
> On 14/06/16 17:00, Carlos A. P. Cunha wrote:
>
> Correcting previous email
>
>
> Hello!
> Own two Dcs Samba 4.4, this all OK, but ids are different:
>
>
> Example DC1:
> id tr005
> uid = 3000039 (TESTELOCAL \ tr005) gid = 100 (users)
> groups = 100 (users), 3000039 (TESTELOCAL \ tr005),
> 3,000,009 (BUILTIN \ users)
>
> Example DC2:
> id tr005
> uid = 3000023 (TESTELOCAL \ tr005) gid = 100 (users)
> groups = 100 (users), 3000023 (TESTELOCAL \ tr005),
> 3,000,001 (BUILTIN \ users)
>
> My smb.conf is the same in both:
> # Global parameters
> [global]
> workgroup = TESTELOCAL
> realm = TESTELOCAL.INTERNO
> netbios name = SAMBADC-01
> server role = active directory domain controller
> server services = s3fs, rpc, NBT, wrepl, ldap, CLDAP, kdc,
> drepl, winbindd, ntp_signd, kcc, dnsupdate
> idmap_ldb: use RFC2307 = yes
>
>
> [Netlogon]
> path = /opt/samba/var/locks/sysvol/testelocal.interno/scripts
> read only = No
>
> [Sysvol]
> path = / opt / samba / var / locks / sysvol
> read only = No
>
>
> The doubt is this and problem?
> If yes, how to fix?
>
> Thank you
>
>
> Em 14-06-2016 12:59, Carlos A. P. Cunha escreveu:
>
>
> Hello!
> Own two Dcs Samba 4.4, this all OK, but ids are different:
>
>
> Example DC2:
> id tr005
> uid = 3000039 (TESTELOCAL \ tr005) gid = 100 (users)
> groups = 100 (users), 3000039 (TESTELOCAL \ tr005),
> 3,000,009 (BUILTIN \ users)
>
> Example DC2:
> id tr005
> uid = 3000023 (TESTELOCAL \ tr005) gid = 100 (users)
> groups = 100 (users), 3000023 (TESTELOCAL \ tr005),
> 3,000,001 (BUILTIN \ users)
>
> My smb.conf is the same in both:
> # Global parameters
> [global]
> workgroup = TESTELOCAL
> realm = TESTELOCAL.INTERNO
> netbios name = SAMBADC-01
> server role = active directory domain controller
> server services = s3fs, rpc, NBT, wrepl, ldap, CLDAP,
> kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
> idmap_ldb: use RFC2307 = yes
>
>
> [Netlogon]
> path =
> /opt/samba/var/locks/sysvol/testelocal.interno/scripts
> read only = No
>
> [Sysvol]
> path = / opt / samba / var / locks / sysvol
> read only = No
>
>
> The doubt is this and problem?
> If yes, how to fix?
>
> Thank you
>
>
>
> Each DC can and probably will have different UIDs for users,
> this is because the DCs use idmap.ldb and this uses
> 'xidNumber' attributes which seem to be allocated on a first
> come basis. One way to get the same UID numbers on all DCs, is
> to copy idmap.ldap from the first DC to all others and then
> keep them in sync, the other is to use RFC2307 attributes.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list