[Samba] Samba user mapping DC <-> DC Member

basti mailinglist at unix-solution.de
Thu Feb 2 14:38:48 UTC 2017


I try to migrade nt4 to ad.
And I have import my old users to AD. The User ID starts at 1001 up to 7187.

On the DC I see the user ID, on the member I see a wrong ID.

root at ad:~# getent passwd user
FOO\user:*:2029:513:System User:/home/FOO/user:/bin/false

root at member:~# getent passwd user
FOO\user:*:4294967295:3002:System User:/home/FOO/user:/bin/false

My config on member

root at member:~# cat /etc/samba/smb.conf
       security = ADS
       workgroup = KES
       realm = KES

       log file = /var/log/samba/%m.log
       log level = 3

# idmap config for the SAMDOM domain
idmap config kes:backend = ad
idmap config kes:schema_mode = rfc2307
idmap config kes:range = 1001-999999

  domain master = no
  local master = no
  preferred master = no
  os level = 0

  winbind use default domain = yes

  client use spnego = yes
  client ntlmv2 auth = yes
  encrypt passwords = yes
  restrict anonymous = 2

An other Problem ios that i only see users, when "winbind use default
domain = yes" ist set.

Best Regards

More information about the samba mailing list