[Samba] How to set same UID and GID for ADDC server and all Member server
d.lesca at solinos.it
Thu Nov 22 16:37:19 UTC 2018
Il giorno gio, 22/11/2018 alle 13.46 +0000, Rowland Penny via samba ha
> I do hope this is a test domain, using the standard fedora packages
> fora DC is considered experimental
Yes, for now is a test domain, but, if it works great, why do not used
it in a production environment?
Why the DC Fedora Package is considered experimental?
The last samba version is 4.9.2, Fedora Team have rebuild this versione
and I have install this version ... without install compiler tools on
> > Or set a specific UID/GID to all user/group?
> Yes, it is called using rfc2307 attributes, add uidNumber &
> gidNumberattributes to AD and then use the winbind 'ad' backend on
> the Unixdomain members.
> See here for more info:
Ok, thanks, I forgot on member server to set rfc2307, and set the type
of winbind backend to use.
In fact, I do not need have on the DC the same IDs of members servers I
will only use the Samba AD DC for authentication and will not store
data on it or log into it
Then I set the backend to 'rid' and I keep on every Unix domain member
the same range ID.
Now the [global] of my smb.conf is
# Global parameters[global] printcap name = cups realm =
DOM.LOC security = ADS template homedir =
/u/samba/home/%U template shell = /bin/bash winbind enum
groups = Yes winbind enum users = Yes winbind offline
logon = Yes winbind use default domain = Yes workgroup =
DOM rpc_daemon:spoolssd = fork rpc_server:spoolss =
external idmap config dom:backend = rid idmap config
dom:range = 1000000-3000000 idmap config dom:schema_mode =
rfc2307 idmap config * : range = 10000-99999 idmap config
* : backend = tdb cups options = raw
It's correct?In this way, I do not must set add uidNumber & gidNumber
on AD ... right?
(inviato dal mio Linux Fedora 28 Workstation)
More information about the samba