[Samba] Continued Group Policy issues
Anantha Raghava
raghav at exzatechconsulting.com
Thu Jul 12 13:19:06 UTC 2018
Hi,
But, all user/groups should have the same ids on all DCs right? That's
what we had thought all these days? Suppose we sync the idmap.ldb along
with sysvol, will it not call for restart of Samba-ad-dc service every
time the changes to GPs are made?
--
Thanks & Regards,
Anantha Raghava
Do not print this e-mail unless required. Save Paper & trees.
On 12/07/18 6:42 PM, Rowland Penny via samba wrote:
> On Thu, 12 Jul 2018 18:31:42 +0530
> Anantha Raghava via samba <samba at lists.samba.org> wrote:
>
>> Hello Rowland,
>>
>> Thanks for your quick response.
>>
>> We are syncing only sysvol from first Domain Controller, but not
>> idmap.ldb. Do we need to sync idmap.ldb as well?
>>
> Yes, users and groups are mapped in idmap.ldb on a first come basis,
> this means you highly likely to get different ID numbers on each DC.
> This means that a group could get the ID '3000002' on the first DC and
> '3000022' on another and '3000002' on the second DC could be another
> user/group.
>
> Rowland
>
More information about the samba
mailing list