[Samba] Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs
Stephen
stephen at ogdenradar.com
Tue Mar 26 12:04:06 UTC 2019
Jonathon and Rowland, are you sure the command you are referring to
here is net cache clear for clearing the cache? I couldnt see this in
the manpage for net cache.
There is a 'net cache flush' command though?
Thanks
Stephen
On 26/03/2019 11:56, Rowland Penny via samba wrote:
> On Tue, 26 Mar 2019 07:37:54 -0400
> Jonathon Reinhart via samba <samba at lists.samba.org> wrote:
>
>> I recently went through these steps from the wiki and took the
>> following notes which I had not yet shared / suggested for the wiki.
>> (This is from mobile, sorry for the terse message.)
>>
>> - You need to clear the idmap cache after copying idmap.ldb ("net
>> cache clear") otherwise you could have stale entries hanging around.
> I have added that.
>
>> - You need to sync SysVol before running sysvol reset, because
>> samba-tool falls on its face if that directory is empty.
> This has also been added.
>
>> - The initial permissions of the the stuff in Sysvol didn't match what
>> "sysvol reset" wanted. I'm not sure who initially created the stuff
>> with bad permissions.
> I have been saying this for years, the permissions set on a Samba AD DC
> do not appear to match what a Windows DC uses.
>
> Rowland
>
>
More information about the samba
mailing list