[Samba] User mapping?

Simon Matthews simon.matthews at bluepearlsoftware.com
Sun Aug 9 19:13:07 UTC 2020 

On 8/8/20 12:21 AM, Rowland penny via samba wrote:
> On 07/08/2020 22:44, Simon Matthews via samba wrote:
>>
>>>>
>>>>>
>>>>
>>>> This is where your problems start, you do not have enough lines, I
>>>> would expect something like this:
>>>>
>>>>     idmap config * : backend = tdb
>>>>     idmap config * : range = 100000-9999999
>>>>     idmap config BLUE : backend = rid
>>>>     idmap config BLUE : range = 500-99999
>>>>
>>>>
>>>>>
>> No, I was wrong about this. The name mapping is correct but the numeric
>> IDs are different, so I still have permission issues:
>>
>> # ls -al
>> total 28
>> drwxrwxrwx.  4 <user> blue 4096 Aug  7 14:40 .
>> drwxr-xr-x. 12 <user> blue 4096 Aug  6 13:06 ..
>> drwxr-xr-x.  2 <user> blue 4096 Aug  7 14:40 New folder
>>
>> "New folder" is an empty folder I created from the Windows machine after
>> setting the directory perms to 777. However, when we look at the actual
>> UIDs:
>>
>> # ls -aln
>> total 28
>> drwxrwxrwx.  4     2002      441 4096 Aug  7 14:40 .
>> drwxr-xr-x. 12     2002      441 4096 Aug  6 13:06 ..
>> drwxr-xr-x.  2 16777216 16777222 4096 Aug  7 14:40 New folder
>
> Try running 'net cache flush'
>
> Also, the numbers I supplied were examples, you may need to tweak
> them. The 'rid' backend calculates the the Unix ID from the users RID
> with this formula:
>
> ID = RID + LOW_RANGE_ID
>
> Which from the range I posted becomes:
>
> ID = RID + 500
>
> So, if a user has the RID 1000, they should have the ID '1500'
>
> 1500 = 1000 + 500
>
> The '*' range is for the Well Known Sids and anything outside the domain
>
> These numbers will probably not match any users you have /etc/passwd
> (mind you, you shouldn't have any users in /etc/passwd)
>
> Rowland
>
>
>
I have things sort of working now, but I just want to confirm: there is
no way to manually (and individually) map the IDs?

Simon


Blue Pearl Software, Inc. will collect and process information about you that may be subject to data protection laws. For more information about how we use and disclose your personal information, how we protect your information, our legal basis to use your information, your rights and who you can contact, please refer to the relevant sections of our Privacy note at www.bluepearlsoftware.com/privacypolicy.

More information about the samba mailing list