[Samba] ad-backend: uidNumber set too late

Michal Bruncko michal.bruncko at ssrk.sk
Fri Sep 3 09:42:12 UTC 2021

what I am missing is backend, which takes user rid from user SID (the 
last number) and use it as uidNumber.
- uidNubmer will be always unique per user as because the user RID of 
used SID is unique
- you dont need to manage them manually as it will be mapped 
automatically using this backend based on used SID (i.e. applied on all 
- uidNubmer will be same everywhere on each system which is a member of AD

for now I am doing this user-rid to uidnumber using script as a part of 
user creation and works without issues.

I guess that I am not only one which is having this idea and wondering 
why such backend isn't available.... or I am missing something 
obvious/fatal which I am breaking with this mapping described before?


On 9/3/2021 10:18 AM, Rowland Penny via samba wrote:
> All of the winbind backends have their advantages and disadvantages:
> The 'ad' backend, along with ensuring that the ID's are the same
> everywhere, allows for different shells & home directory per user.
> However, you have to manually add the rfc2307 attributes
> The 'rid' backend allows for the same Unix ID's everywhere, provided
> you use the same smb.conf everywhere. You do not have to add anything
> to AD. You will have to use the same shell & home directory for every
> user.
> The 'autorid' backend is similar to the 'rid' backend but allows for
> multiple domains and is the easiest to set up.

More information about the samba mailing list