[Samba] Samba4 Domain Member Server "Getent show diferents UID"

Juan Ignacio juan.ignacio.pazos at gmail.com
Tue Jun 14 17:36:28 UTC 2016


Traducir del: Ingl├ęs
Ok, I have correctly configured the option to use RFC2307 in the
Actide Directory
Domain Controller and the option on the member server.

But anyway still showing bad UIDs.

Here we show how both configurations are actualemente.

Within RSAT I can place the UID attribute for example uanaco.

AD Domain Controller

wbinfo --user-info = uanaco
KENNEDY \ uanaco: *: 3000783: 100: uanaco: / home / ADDC / uanaco: / bin /
false

RSAT changed by UID 1111

wbinfo --user-info = uanaco
ADDC \ uanaco: *: 1111: 100: uanaco: / home / ADDC / uanaco: / bin / false

member Server

wbinfo --user-info = uanaco
uanaco: *: 100642: 100008: uanaco: / home / ADDC / uanaco: / bin / false

After the change of UID.

wbinfo --user-info = uanaco
uanaco: *: 100642: 100008: uanaco: / home / ADDC / uanaco: / bin / false

When I add the UID number to uanaco, information within the AD Domain
Controller changed.

In the member server he did not change the UID.

2016-06-14 13:50 GMT-03:00 Rowland penny <rpenny at samba.org>:

> On 14/06/16 17:32, Juan Ignacio wrote:
>
>> Rowland, a question.
>>
>>
>> "is to copy idmap.ldap from the first DC to all others and then keep them
>> in sync, the other is to use RFC2307 attributes."
>>
>> I can do the same with my member server? Maybe it works, or not for beign
>> a member server.
>>
>> Maybe i can change my Member Server to a Domain Controller and after use
>> idmap, sync.
>>
>> Its ok?
>>
>> Analista Inf.
>> Juan Ignacio Pazos <
>> http://www.linkedin.com/pub/juan-ignacio-pazos-lorenzo/19/9b9/26a>
>>
>>
> If you want to have the same UIDs & GIDs everywhere, the only option is to
> use RFC2307 attributes and the winbind 'ad' backend on Unix domain members
> (note: a 'member server' is just a domain member that serves files,
> printers etc)
> You only need to give your users & groups a uidNumber or gidNumber
> attribute, there is no need to give the BUILTIN users & groups a uidNumber
> or gidNumber.
>
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list