[Samba] Unterstanding idmap config

basti mailinglist at unix-solution.de
Fri Feb 3 16:06:07 UTC 2017

in my samba NT4 i have some low uid. Rowland Penny suggest to set it
higher. So far OK.

I config my AD member as followed:

# Default ID mapping configuration for local BUILTIN accounts
# and groups on a domain member. The default (*) domain:
# - must not overlap with any domain ID mapping configuration!
# - must use an read-write-enabled back end, such as tdb.
idmap config * : backend = tdb
idmap config * : range = 1000-6999

# idmap config for the SAMDOM domain
idmap config foo:backend = ad
idmap config foo:schema_mode = rfc2307
idmap config foo:range = 7000-999999

After I flush the cache with "net cache flash" i can see the same uid on
my member as on my AD DC. so Far OK, that is what i would.

The uid i see from LDAP is 1007.

What does the config * mean?
Why can I see a user with uid 1007 from domain when domain start at 7000?

More information about the samba mailing list