[Samba] Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs

Jonathon Reinhart jonathon.reinhart at gmail.com
Tue Mar 26 11:37:54 UTC 2019


I recently went through these steps from the wiki and took the following
notes which I had not yet shared / suggested for the wiki.
(This is from mobile, sorry for the terse message.)

- You need to clear the idmap cache after copying idmap.ldb ("net cache
clear") otherwise you could have stale entries hanging around.

- You need to sync SysVol before running sysvol reset, because samba-tool
falls on its face if that directory is empty.

- The initial permissions of the the stuff in Sysvol didn't match what
"sysvol reset" wanted. I'm not sure who initially created the stuff with
bad permissions.

Jonathon

On Tue, Mar 26, 2019, 07:14 Stephen via samba <samba at lists.samba.org> wrote:

> Cheers Louis, i just ran the diagnostic snippet you sent me:
>
> pi at ad1:/var/lib/samba/private $ sudo ls -al $(samba -b | grep STATEDIR |
> awk {' print $NF '})/sysvol
> total 20
> drwxrwx---+ 3 root 3000000 4096 Mar 25 16:36 .
> drwxr-xr-x  8 root root    4096 Mar 25 17:31 ..
> drwxrwx---+ 4 root 3000000 4096 Mar 25 16:36 samdom.example.com
>
> pi at ad2:/var/lib/samba/private $ sudo ls -al $(samba -b | grep STATEDIR |
> awk {' print $NF '})/sysvol
> total 20
> drwxrwx---+ 3 root 3000000 4096 Mar 26 10:55 .
>
> drwxr-xr-x  8 root root    4096 Mar 26 10:55 ..
>
> drwxrwx---+ 3 root 3000000 4096 Mar 25 16:42 samdom.example.com
>
> Im guessing the empty folders here suggests that I have not synced SysVol?
>
> Cheers
> Stephen
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list