[Samba] ID Mapping

O'Connor, Daniel darius at dons.net.au
Wed Nov 4 00:14:28 UTC 2020



> On 4 Nov 2020, at 00:17, Rowland penny via samba <samba at lists.samba.org> wrote:
> 
> On 03/11/2020 13:05, O'Connor, Daniel wrote:
>> 
>>> On 3 Nov 2020, at 23:21, Rowland penny via samba <samba at lists.samba.org> wrote:
>>> On 03/11/2020 12:17, O'Connor, Daniel wrote:
>>>> I tried setting uidNumber et al via the active directory editor and samba-ldbedit, however the mapping doesn't seem to change so I am wondering if it ends up stored somewhere else in the AD case.
>>> Did you give 'Domain Users' a gidNumber ? without this, the uidNumber attributes are ignored.
>> No, although I just tried it now but it doesn't appear to make a difference.
>> 
>> I set it via ADUC and checked via samba-ldbedit .. secrets.ldb
>> 
> If your users have a unique uidNumber attribute and Domain Users has a gidNumber attribute, it should work on a DC, provided that you also have 'idmap_ldb:use rfc2307  = yes' in smb.conf, I keep forgetting that one 😁

Hmm, you say 'uidNumber' but I have xidNumber:
# editing 1 records
# record 1
dn: CN=S-1-5-21-1638907138-195301586-368347949-3088
cn: S-1-5-21-1638907138-195301586-368347949-3088
objectClass: sidMap
objectSid: S-1-5-21-1638907138-195301586-368347949-3088
type: ID_TYPE_BOTH
xidNumber: 1044
distinguishedName: CN=S-1-5-21-1638907138-195301586-368347949-3088

--
Daniel O'Connor
"The nice thing about standards is that there
are so many of them to choose from."
 -- Andrew Tanenbaum





More information about the samba mailing list