[Samba] Samba ADS-member-server: FQDNs in /etc/hosts

Stefan G. Weichinger lists at xunil.at
Tue Jul 11 10:58:14 UTC 2017

Am 2017-07-11 um 12:51 schrieb Rowland Penny:

> Well, that explains where '11029' is coming from, you are using the
> 'rid' backend. The users (or group) ID will be calculated using this
> formula:
> BASE_RID is by default '0', so it becomes:
> So, in your case it becomes
> 11029 = 1029 + 10000


Does that explain in some way why some users work and others not?
And why that worked yesterday?

> Of course, using the 'rid' backend means that you do not need to add
> anything to AD and you do not need this line in smb.conf:
>   idmap config BUERO:schema_mode = rfc2307
> Or you could just change 'idmap config BUERO:backend = rid' to 'idmap
> config BUERO:backend = ad' and use the rfc2307 attributes in AD.

I would prefer not to have to decide this. You understand? ;-)

What's the recommendation here, I don't have a clue, I would just like
to be able to change this to a working config without doing damage to
active sessions, if possible. This is productive environment right now.

To me it sounds preferable to have everything in AD, right? At least
that is what I expect from having all that: all in one place somehow


Can't remember exactly where rid comes from, I think it was a
recommendation by Louis for my test VM (which then was migrated to this DC).

Pls also advise if there are any additional steps needed for any of
these solutions. I always feel unsure if and if not to add some ids and
mappings somewhere ....

Thanks a lot, Stefan

More information about the samba mailing list