[Samba] Is Samba 4.9 and "map untrusted to domain" possible anymore?
Rowland penny
rpenny at samba.org
Thu Jun 4 14:12:49 UTC 2020
On 04/06/2020 15:03, Harald Hannelius via samba wrote:
>
> On Thu, 4 Jun 2020, Rowland penny via samba wrote:
>> On 04/06/2020 13:49, Harald Hannelius via samba wrote:
>>>
>>> Question 3)
>>> If I would enable trust between "AD" and "SAD", would users trying
>>> to access files on a Samba fileserver be mapped to the uidNumber in
>>> "SAD" DS? Or would they be mapped to something entirely else? I'm
>>> not really understanding the idmap and identities it seems.
>> No, you would have to give one set of users new uidNumbers and create
>> another 'idmap config' block in smb.conf. You could use autorid
>> instead, but this would mean totally new ID's everywhere.
>
> Can't I just use the same idmap range for the "SAD" and "AD" domains?
> They are, after all, the same users in both domains.
>
>
No
Rowland
More information about the samba
mailing list