[Samba] classicupgrade

[Rowland Penny]

On Fri, 26 Oct 2018 16:47:52 +0200
Corrado Ravinetto via samba <samba at lists.samba.org> wrote:

> thank you for your comprehension
> 
> Il 26/10/2018 16:40, Rowland Penny via samba ha scritto:
> > OK, two further ldbsearches:
> >
> > ldbsearch -Hldap://$(hostname  -s) -k yes -P
> > '(&(samaccountname=*)(uidNumber=*))' uidNumber | grep uidNumber |
> > awk '{print $NF}'
> 1289
> 1690
> 673
> 1613
> 1527
> 1661
> 1542
> 822
> 1280
> 647
> 596
> 1699
> 650
> 1766
> 592
> 1674
> 629
> 1127
> 1065
> 966
> 
> & more,more,more,more :-)
> >
> > ldbsearch -Hldap://$(hostname  -s) -k yes -P
> > '(&(samaccountname=*)(gidNumber=*))' gidNumber | grep gidNumber |
> > awk '{print $NF}'
> 736
> 501
> 767
> 501
> 501
> 759
> 615
> 729
> 669
> 603
> 611
> 1239
> 681
> 618
> 713
> 553
> 690
> 757
> 501
> 501
> 679
> 501
> 528
> 517
> 501
> 
> more,more,more
> > They should both print a string of numbers, if either doesn't then
> > there is your problem, but why, is another question.
> i have many numbers :-)
> 

Thank goodness, but why does Domain Users not seem to have a gidNumber ?

Anyway, no problem ;-)

On the DC (note, replace 'dc4' with your DC short hostname

ldbedit -e nano -H ldap://dc4 -U Administrator
Enter Administrators password when prompted.

Press the 'Ctrl' and 'w' keys together

enter the search:

dn: CN=Domain Users

check for a line in the object that starts 'gidNumber', there shouldn't be one.

Add this one anywhere in the object:

gidNumber: 513

Press 'Ctrl' and 'x' together, press 'y' when prompted

Now go to the Unix domain member and open smb.conf in an editor, change
the low range on the DOMAIN 'idmap config' line to '500', restart Samba,
run 'net cache flush' and check a user again.

Rowland