[Samba] NT_STATUS_INVALID_SID
Rowland Penny
rpenny at samba.org
Tue Nov 1 13:11:28 UTC 2016
On Tue, 1 Nov 2016 10:52:27 -0200
Vinicius Bones Silva via samba <samba at lists.samba.org> wrote:
> I'm not sure I understood the question. Uncommenting the lines or
> commenting them yelds the same results, as long as "idmap_ldb:use
> rfc2307 = yes" is kept in place. Commenting it as well changes the
> ids to the 3 million range. Cleaning the caches did not affect the
> results.
>
I am glad someone else has confirmed what I have been saying for a long
time, adding the 'idmap config' lines to the smb.conf on a DC, does
nothing.
When you setup the first DC, it will use the 'xidNumber' attributes in
idmap.ldb and these are allocated on a first come basis. If you then
give users a uidNumber, these will be used instead.
So, as standard, users get an xidNumber in the '3000000' range, you
could decide to give users a uidNumber in the range '10000-20000' and
these numbers would be used instead of the xidNumbers. You could then
add a line such as this 'idmap config DOMAIN : range 30000-40000' to
smb.conf, the users on the DC would still use the uidNumber you set in
the '10000-20000' range.
Rowland
More information about the samba
mailing list