[Samba] Is Samba 4.9 and "map untrusted to domain" possible anymore?

Rowland penny rpenny at samba.org
Thu Jun 4 13:59:00 UTC 2020

On 04/06/2020 14:46, Harald Hannelius via samba wrote:
> So the best way for me would be to implement the RFC2307/SFU schema in 
> the Windows AD "AD", add the same uidNumber for every user in "AD" as 
> they had in the old "Samba" domain, and then just join the fileservers 
> to the "AD" domain?
> Then I change the map-range to be like it was for the "SAD" domain.
> It's more like migrating filesystems with users and groups tied to 
> files than just migrating users.

Yes you could do that, but don't forget groups as well and if you do not 
have any groups (usergroups count as no groups), ensure that Domain 
Users has a gidNumber inside whatever range you end up with.


More information about the samba mailing list