[Samba] Samba 4 Member server show diferent UID than Ad Server
mathias dufresne
infractory at gmail.com
Mon Oct 3 15:00:33 UTC 2016
Hi,
We finally decided to synchronize idmap.ldb using rsync.
We also have added UID and/or GID to every user and groups, even those in
cn=builtin and cn=users.
That was done several months ago and since we do not encounter any issue in
GPO.
I read here there are others possibilities, that's the one we choose and it
seems to work.
Cheers,
Mathias
2016-09-23 1:58 GMT+02:00 Edson Tadeu Almeida da Silveira via samba <
samba at lists.samba.org>:
> I'm having the same problem and i can't find the solution.
>
> How are you about this ?
>
> Tks!!
>
> 2016-06-14 13:09 GMT-03:00 Juan Ignacio <juan.ignacio.pazos at gmail.com>:
>
> > Anyway everything seems to work well.
> > The shares are correctly and users recognize them without problems.
> getent
> > and wbinfo.
> >
> > The main problem is that apparently the Member DC does not get the UID
> > properly containing the user in the ADDC.
> >
> > There is something that can change in the smb.conf the Member DC, I
> > remember a few years ago with the same AD DC we get the UID correctly.
> >
> > 2016-06-14 12:58 GMT-03:00 Juan Ignacio <juan.ignacio.pazos at gmail.com>:
> >
> > > No, im not provisioning it with samba-tool im provision folowing the
> > Samba
> > > Documentation.
> > >
> > > https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member
> > >
> > > Analista Inf.
> > > Juan Ignacio Pazos
> > > <http://www.linkedin.com/pub/juan-ignacio-pazos-lorenzo/19/9b9/26a>
> > >
> > > 2016-06-14 12:52 GMT-03:00 Rowland penny <rpenny at samba.org>:
> > >
> > >> On 14/06/16 16:42, Juan Ignacio wrote:
> > >>
> > >>> The structure is as follows.
> > >>>
> > >>> AD DC (Samba 4.1)------------------- Member DC (Samba 4.4)
> > >>>
> > >>> private/idmap.ldb ----------------- not private/idmap.ldb
> > >>>
> > >>>
> > >>> The idmap.ldb file you found, was this on a secondary AD DC ?
> > >>>
> > >>> -No the idmap.ldb i found was in the primary AD DC, im not have a
> > >>> secondary AD DC, i also have a Member DC.
> > >>>
> > >>>
> > >> If you created the 'Member DC' by provisioning it with samba-tool,
> can I
> > >> suggest you remove it from the domain, then rejoin it as a secondary
> DC.
> > >> Whilst you 'can' provision a 'Member DC' with samba-tool, it isn't
> > really
> > >> a 'Member DC', it doesn't work correctly. You can only provision a DC
> > with
> > >> samba-tool, everything else is depreciated and could be and probably
> > will
> > >> be removed when 4.6.0 comes out (the release after next)
> > >>
> > >>
> > >> Rowland
> > >>
> > >> --
> > >> To unsubscribe from this list go to the following URL and read the
> > >> instructions: https://lists.samba.org/mailman/options/samba
> > >>
> > >
> > >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> >
>
>
>
> --
>
> -------------------------------------------
> Edson Tadeu Almeida Silveira
> http://sites.google.com/site/edsontadeu/
> -------------------------------------------
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list