[Samba] two domain members, different groupIDs
Rowland Penny
rpenny at samba.org
Mon Jun 26 07:21:22 UTC 2017
On Mon, 26 Jun 2017 08:52:04 +0200
"Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote:
> Am 2017-06-22 um 13:10 schrieb Rowland Penny via samba:
> > On Thu, 22 Jun 2017 12:56:25 +0200
> > "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote:
> >
> >> Am 2017-06-22 um 10:44 schrieb Rowland Penny via samba:
> >>
> >>>> Can I fix that without breaking things?
> >>>
> >>> If your users have files stored on the domain members, probably
> >>> not.
> >>
> >> I understand that this just creates the need to run some
> >> chown/chgrp-commands after correcting smb.conf and restarting
> >> samba?
> >
> > I suppose it boils down to your definition of 'breaking things' ;-)
> > A user suddenly getting a new ID would be a breakage for me.
> > Using chown will fix things.
>
> Adjusted settings on one server after stopping samba
> After a start (testparm OK) the output is still the same.
>
> Do I have to delete some local file or so to reforce new GIDs/UIDs?
>
> I now have:
>
>
> [global]
> realm = ABC.XYZ
> server string = samba08
> workgroup = XYZ
> os level = 65
> preferred master = No
> logon home =
> logon path =
> disable spoolss = Yes
> load printers = No
> printcap name = /dev/null
> dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
> map to guest = Bad User
> map untrusted to domain = Yes
> security = ADS
> username map = /etc/samba/smbusers
> template shell = /bin/bash
> winbind enum groups = Yes
> winbind enum users = Yes
> winbind refresh tickets = Yes
> winbind use default domain = Yes
> idmap config lietz:schema_mode = rfc2307
> idmap config lietz:range = 10000-99999
> idmap config lietz:backend = rid
> idmap config *:range = 2000-9999
> idmap config * : backend = tdb
>
>
You will have to do one of three things:
Run 'net cache flush', this will clear winbinds cache.
Restart Samba, this will do the same as the above.
Just wait, eventually the IDs will expire in the cache and winbind will
get them again.
Rowland
More information about the samba
mailing list