[Samba] (properly formatted) Re: adman howto ? and is it safe to apply

Jonathon Reinhart jonathon.reinhart at gmail.com
Thu Jan 23 04:05:05 UTC 2020

>  security = ads, backend = ad is working !!!
> but I don't have the bultin Administrator, can I add the Administrator
> ?

Per Rowland's advice, Administrator should *not* be assigned a uidNumber. I
don't claim to fully understand why.

> other thing all user have the same  gidNumber, even user from OU=Admins
> ... , is this supposed to be like this ?

Adman first assigns a gidNumber to all of your groups.

Then, it sets each users's gidNumber to the gidNumber of their "Primary
Group". It turns out this is somewhat unnecessary because Winbind follows
the same logic. But other LDAP clients might not.

Currently the uidNumber / gidNumber assignment does nothing based on the OU
in which the users exist.


More information about the samba mailing list