[Samba] Linux multiple member server
Robert Wooden
bob at donelsontrophy.com
Tue Sep 25 11:31:46 UTC 2018
Rowland,
Sorry, now I am really confused . . . I thought users were suppose to
maintain the same ranges on all the member servers?
My ranges came from the v4.1 days when I was running Sernet version (before
they moved to a pay for model.)
I trying to join a linux workstation to my domain (if that makes a
difference.)
On Sun, Sep 23, 2018 at 4:01 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Sun, 23 Sep 2018 15:31:06 -0500
> Robert Wooden via samba <samba at lists.samba.org> wrote:
>
> > Good to hear I was correct about all members having same ranges.
> >
> > Now, I have had this idmap sequence order for years in my smb.conf
> > files and have copy pasted always moving forward.
> >
> > Sorry if I am misunderstanding you but, your saying invert them,
> > listing the SAMDOM first followed by the "*"?
> >
> > like this example?
> >
> > idmap config SAMDOM : backend = rid
> > idmap config SAMDOM : range = 10000-40000
> > idmap config * : backend = tdb
> > idmap config * : range = 50001-80000
> >
>
> Er, no, you are stuck with the above on an existing Unix
> domain member, but on new Unix domain members I would use this:
>
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
> idmap config SAMDOM : backend = rid
> idmap config SAMDOM : range = 10000-80000
>
> The '*' domain is for the 'Well Know SIDs' and anything outside of the
> 'SAMDOM' domain and there are less than 200 'Well Known SIDs', so 4999
> ID's should be more than enough.
> When it comes to the 'SAMDOM' domain, if you do reach the user ID
> '80001', this wouldn't be a problem with my suggested lines, just
> change the '80000' to '90000'. If the '*' domain is above the 'SAMDOM'
> domain, then you are limited to the difference between the high number
> for the 'SAMDOM' range and the low number for the '*' range. In your
> case '40000' and '50001', for most people this might not be a problem,
> but for some, it would be a big problem.
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
Thank you.
Bob Wooden
More information about the samba
mailing list