[Samba] getent group does not list domain groups - question regarding default gidNumbers on PDC
Łukasz Michalski
lm at zork.pl
Wed Jun 5 09:44:26 UTC 2019
On 6/5/19 11:26 AM, Rowland penny via samba wrote:
> On 05/06/2019 10:04, Łukasz Michalski via samba wrote:
>>
>>>>
>>>> [root at site-ad ~]# wbinfo --sid-to-gid S-1-5-21-4155694911-3186826046-1573605777-513
>>>> 985 (same as 'users' unix gid on host)
>>> where did the '985' come from ?
>>
>> I think from there:
>>
>> [root at site-ad ~]# ldbsearch -H /var/lib/samba/private/idmap.ldb objectsid=S-1-5-21-4155694911-3186826046-1573605777-513
>> # record 1
>> dn: CN=S-1-5-21-4155694911-3186826046-1573605777-513
>> cn: S-1-5-21-4155694911-3186826046-1573605777-513
>> objectClass: sidMap
>> objectSid: S-1-5-21-4155694911-3186826046-1573605777-513
>> type: ID_TYPE_GID
>> xidNumber: 985
>> distinguishedName: CN=S-1-5-21-4155694911-3186826046-1573605777-513
>
> An 'xidNumber' is NOT a 'uidNumber' or 'gidNumber'
>
> Who changed the 'xidNumber' value from a number in the '3000000' range to '985' and why ?
>
Dunno, I just run:
samba-tool domain provision --use-rfc2307 --interactive
I did not touch ldap databases by hand afterwards.
Regards,
Łukasz
More information about the samba
mailing list