[Samba] SID mapping: Samba and SSSD
Robert Marcano
robert at marcanoonline.com
Thu Sep 3 20:39:59 UTC 2020
On 9/3/20 1:04 PM, Johan Hattne via samba wrote:
> Dear all;
>
> Would anybody be able to tell me what the idmap configuration is to have
> Samba do the same SID-to-user/group mapping as the SSSD defaults? I was
> convinced I saw it on this list or the wiki not too long ago, but I
> cannot seem to find it.
>
> // Best wishes; Johan
>
# getent group "domain users at ad.yourdomain.com"
That group id - 513 is the start, and that start + 200000 (default slice
size) is the end.
The add:
idmap config YOURDOMAIN : range = start-end
idmap config YOURDOMAIN : backend = rid
or try the sss idmapper, but if you are removing sssd and want to
continue using the sssd range, use the rid backed
Note: This works with any Samba release, even the latest ones.
More information about the samba
mailing list