[Samba] getent passwd blank response
Rowland penny
rpenny at samba.org
Mon Aug 17 13:46:19 UTC 2020
On 17/08/2020 14:35, Robert E. Wooden via samba wrote:
> On 8/17/2020 8:21 AM, Rowland penny via samba wrote:
>> The '3000013' is not a uidNumber, it is an 'xidNumber' and these are
>> only used on a DC and unless you sync 'idmap.ldb' from the first DC
>> to all other DC's, you cannot guarantee getting the same ID on all DC's
>>
>> uidNumber attributes are not added automatically, you must add them
>> manually, same goes for gidNumber attributes.
>>
> I am not arguing with you because, I think your correct (you usually
> are).
>
> I manually added the "Domain Users" group id (10000) with samba-tool
> (samba-tool group addunixattrs "Domain Users" 10000, I think without
> looking thru my notes) some time ago.
>
> The member smb.conf has "idmap config WKDOM : range = 10000-999999"
> and gid started with 10000, should uid start at (for example) 10001
> (for first user to be mapped) and increase sequence (+1 as in 10002)
> for subsequent users?
>
> (Adding uid & gid manually, I am aware that I will need to keep a
> record of these.)
>
> Guide lines you can point me to or confirm I am correct here?
>
Mostly you are correct, but 'user' != 'group' or to put it another way,
you can use the same range for users and groups (in fact you have to),
so just add the uidNumber '10000' to 'username' on the DC and then see
if getent can find the user on the Unix samba member, you should get
something like this:
getent passwd rowland
rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash
Rowland
More information about the samba
mailing list