[Samba] updating TDB user/group entries to RID
Rowland Penny
rpenny at samba.org
Fri Oct 27 14:46:36 UTC 2017
On Fri, 27 Oct 2017 15:17:56 +0200
Oleg Cherkasov via samba <samba at lists.samba.org> wrote:
> Hi,
>
> I wonder if there are any tools to simplify transition from TDB to
> RID on existing system in production. Long story short, by mistake
> one of our servers were configured with default idmap set to a range:
>
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
>
> The server had joined domain and everything works just fine however I
> may need to fix user/group ids and make it like that:
>
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
> idmap config MYDOMAIN : backend = rid
> idmap config MYDOMAIN : range = 8000-999999999
>
> Existing users and groups are still in TDB so RID does not have any
> effect unless uncached user used.
>
> I suspect I may need to do some scripting with tdbtool and
> getfacl/setfacl to be able to migrate existing filesystem to new ids.
> Using robocopy may be expensive to pull and push files because
> filesystem is more than 35Tb+ ...
>
> Anyone had any good experience with that?
>
>
> Cheers,
> Oleg
>
From what I understand, your domain users and groups are being
allocated IDs in the 3000-7999 range, if this is so, it will probably
be be easier to script around 'getent passwd' and 'getent group'.
Rowland
More information about the samba
mailing list