[Samba] ID Mapping

Rowland penny rpenny at samba.org
Tue Nov 3 09:25:36 UTC 2020


On 03/11/2020 08:54, Stefan Kania via samba wrote:
>
> Am 03.11.20 um 05:38 schrieb O'Connor, Daniel via samba:
>> Hi,
>> I have a Samba 4.11.8 system running as an AD and a file server and I am wondering what sort of ID mapping is done in this situation.
>>
>> I have uidNumber on each user set to use UIDs in the 1000 range but I find that they end up in the 3000000 range instead.
>>
>> Is this a fixable problem, or a result of having the file server and DC as the same machine?
>>
>> Thanks.
> On an DC the mapping starts allway with 3.000.000 you cant change it.
> That's the reason why you should not use a DC as fileserver

Sorry, but that isn't entirely true. On a DC users & groups are mapped 
to numbers in the '3000000' range via idmap.ldb, but you can override 
these numbers by giving your users a uidNumber and giving Domain Users a 
gidNumber.

root at dc4:~# getent passwd rowland
SAMDOM\rowland:*:10000:10000::/home/SAMDOM/users/rowland:/bin/bash

The OP is using numbers in the '1000' range, this is something I 
wouldn't do, it leaves no space for local Unix users.

Rowland





More information about the samba mailing list