[Samba] ad-backend: uidNumber set too late

Rowland Penny rpenny at samba.org
Fri Sep 3 10:36:43 UTC 2021

On Fri, 2021-09-03 at 11:42 +0200, Michal Bruncko via samba wrote:
> what I am missing is backend, which takes user rid from user SID
> (the 
> last number) and use it as uidNumber.
> advantages:
> - uidNubmer will be always unique per user as because the user RID
> of 
> used SID is unique
> - you dont need to manage them manually as it will be mapped 
> automatically using this backend based on used SID (i.e. applied on
> all 
> users)
> - uidNubmer will be same everywhere on each system which is a member
> of AD
> for now I am doing this user-rid to uidnumber using script as a part
> of 
> user creation and works without issues.
> I guess that I am not only one which is having this idea and
> wondering 
> why such backend isn't available.... or I am missing something 
> obvious/fatal which I am breaking with this mapping described before?

The 'rid' backend is nearest to what you are describing, but there is a
problem with your method (if I understand what you are doing
I think you are using the 'ad' backend and using the users RID for the
uidNumber. If this is correct, then, because the RID's start at 1000,
you will not be able to have any local Unix users. This may not be a
problem for you, but it would be for others.


More information about the samba mailing list