[Samba] Is Samba 4.9 and "map untrusted to domain" possible anymore?

Harald Hannelius harald+samba at arcada.fi
Thu Jun 4 14:03:17 UTC 2020

On Thu, 4 Jun 2020, Rowland penny via samba wrote:
> On 04/06/2020 13:49, Harald Hannelius via samba wrote:
>> Question 3)
>> If I would enable trust between "AD" and "SAD", would users trying to 
>> access files on a Samba fileserver be mapped to the uidNumber in "SAD" DS? 
>> Or would they be mapped to something entirely else? I'm not really 
>> understanding the idmap and identities it seems.
> No, you would have to give one set of users new uidNumbers and create another 
> 'idmap config' block in smb.conf. You could use autorid instead, but this 
> would mean totally new ID's everywhere.

Can't I just use the same idmap range for the "SAD" and "AD" domains? They 
are, after all, the same users in both domains.


Harald Hannelius | harald.hannelius/a\arcada.fi | +358 50 594 1020

More information about the samba mailing list