[Samba] Samba 4 AD and Samba 3.6 Fileserver GID Problem

Marc Linden mlinden at age.mpg.de
Tue May 8 12:38:16 UTC 2018

Hi all,

I am preparing a migration from openLDAP to Samba 4 AD

I am trying to get a Samba 3.6 fileserver (for different reasons it has 
to be samba 3.6) with ad backend to work with a Samba 4 AD.

Almost everything is working. The only problem is that the fileserver 
does not map the users gidNumber correctly.


userx has the uid 1229 and the gid 1040

If I use the "id" command on the DC everything looks correct:

[root at dc1 ~]# id userx
uid=1229(userx) gid=1040(group_xx) 
groups=1040(group_xx),6000(EXAMPLE\domain users),3000009(BUILTIN\users)

But on the fileserver the gid 1040 is missing completely:

[root at samba3 ~]#id userx
uid=1229(userx) gid=6000(domain users) groups=6000(domain 

Here is the content of my Samba 3 smb.conf:

security = ADS
workgroup = EXAMPLE
loglevel = 4

winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
idmap config * : range = 500000-799999
idmap config EXAMPLE : backend = ad
idmap config EXAMPLE : schema_mode = rfc2307
idmap config EXAMPLE : range = 1000-399999
template shell = /bin/bash
template homedir = /home/%U

Any ideas on what I can do to correctly map the gid?

thank you

More information about the samba mailing list