[Samba] User mapping?

Rowland penny rpenny at samba.org
Sat Aug 8 07:21:48 UTC 2020


On 07/08/2020 22:44, Simon Matthews via samba wrote:
>
>>>
>>>>
>>>
>>> This is where your problems start, you do not have enough lines, I
>>> would expect something like this:
>>>
>>>     idmap config * : backend = tdb
>>>     idmap config * : range = 100000-9999999
>>>     idmap config BLUE : backend = rid
>>>     idmap config BLUE : range = 500-99999
>>>
>>>
>>>>
> No, I was wrong about this. The name mapping is correct but the numeric
> IDs are different, so I still have permission issues:
>
> # ls -al
> total 28
> drwxrwxrwx.  4 <user> blue 4096 Aug  7 14:40 .
> drwxr-xr-x. 12 <user> blue 4096 Aug  6 13:06 ..
> drwxr-xr-x.  2 <user> blue 4096 Aug  7 14:40 New folder
>
> "New folder" is an empty folder I created from the Windows machine after
> setting the directory perms to 777. However, when we look at the actual
> UIDs:
>
> # ls -aln
> total 28
> drwxrwxrwx.  4     2002      441 4096 Aug  7 14:40 .
> drwxr-xr-x. 12     2002      441 4096 Aug  6 13:06 ..
> drwxr-xr-x.  2 16777216 16777222 4096 Aug  7 14:40 New folder

Try running 'net cache flush'

Also, the numbers I supplied were examples, you may need to tweak them. 
The 'rid' backend calculates the the Unix ID from the users RID with 
this formula:

ID = RID + LOW_RANGE_ID

Which from the range I posted becomes:

ID = RID + 500

So, if a user has the RID 1000, they should have the ID '1500'

1500 = 1000 + 500

The '*' range is for the Well Known Sids and anything outside the domain

These numbers will probably not match any users you have /etc/passwd 
(mind you, you shouldn't have any users in /etc/passwd)

Rowland





More information about the samba mailing list