[Samba] NT_STATUS_OBJECT_NAME_NOT_FOUND randomly
Rowland penny
rpenny at samba.org
Fri Jun 18 12:24:49 UTC 2021
On 18/06/2021 13:08, Andrew Walker via samba wrote:
>> idmap config * : range = 3000-7999
>> idmap config CUSTOMER : backend = rid
>> idmap config CUSTOMER : range = 10000-999999
>>
> Won't the idmap setting changes change IDs assigned for AD users? This
> change can potentially require re-doing permissions on-disk once you've
> made it. You might also want to keep a backup of your winbindd_idmap.tdb
> file. I'm not saying it's a bad idea, but it's something you will need to
> evaluate and keep in mind while making the changes (and do them in a
> maintenance window :))
Unfortunately, yes it will, but it is an artefact of not correctly
setting the 'idmap config' lines in the first place. The OP could find
out what ID's the users and groups are using now and then use the 'ad'
backend and populate the rfc2307 attributes with the ID's
I do wish people would read our documentation before setting up a Unix
domain member, it is easier to 'fix' something before it goes into
production.
Rowland
More information about the samba
mailing list