[Samba] idmap config with rid backend
lingpanda101 at gmail.com
Wed Apr 18 17:46:27 UTC 2018
I traditionally use the 'ad' backend on member machines with
rfc2307. I decided to give 'rid' a go on a server only performing
authentication. Everything went well with join but I have a few
questions. First my smb.conf on Ubuntu 16.04.4 LTS
security = ADS
workgroup = DOMAIN
realm = DOMAIN.LOCAL
log file = /var/log/samba/%m.log
log level = 1
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config DOMAIN : backend = rid
idmap config DOMAIN : range 10000-999999
winbind nss info = template
template shell = /bin/bash
template homedir = /home/%U
Output of 'getent group'
getent group "DOMAIN\\Domain Users"
Output of 'getent passwd'
getent passwd DOMAIN\\James
My other member servers that utilize the 'ad' backend utilize the same
DOMAIN range of 10000-999999 and I assign uid's and gid's via. RSAT.
* Is it OK to run multiple member servers with different domain
backends in a forest?
* Is it OK to use the same range with different domain backends?
More information about the samba