[Samba] Using samba AD in mixed OS environment
Rowland Penny
rpenny at samba.org
Fri May 4 12:23:04 UTC 2018
On Fri, 4 May 2018 11:53:08 +0100
Zdravko Zdravkov <nirayah at gmail.com> wrote:
> True that.
>
> oddjob wasn't running, now it's fine, but apparently everything is the
> same. In CentOS I see a folder created by my new "testuser" in
> Windows. The folder's owner is 1000024 while getent passwd testuser
> responds with 11184 which is nowhere near the same.
> I guess I'm not making something right during the whole configuration.
>
Windows uses the RID to identify users & groups
A samba DC uses xidNumbers to identify users & groups, unless uidNumber
& gidNumber attributes are added to AD. If they are added, these are
used.
On a Unix domain member, it depends on which winbind backend you use.
If you use the 'rid' backend, then the IDs are calculated from the RID
If you use the 'ad' backend, then you need to add 'uidNumber' &
'gidNumber' attributes to AD.
If you use the 'rid' backend on a Unix domain member, you will never
get the same ID as on a Samba DC. The only way to get the same numeric
ID on all Unix machines is to use the 'ad' backend.
Does it matter if you get different numeric IDs on Unix machines, no,
just as long as the individual Unix machine can map the numeric ID to
the correct user or group name.
Rowland
More information about the samba
mailing list