[Samba] group 'Domain User' has changed rid in a new server
rpenny at samba.org
Mon Dec 19 14:47:42 UTC 2022
On 19/12/2022 13:17, Corrado Ravinetto via samba wrote:
> Hi at all
> After many time spent to investigate why my new dm don't enable access to everyone i found the problem: rid assigned to 'Domain user' is changed.
> On old samba server i have 'Domain user' with rid=513, in new server the rid for 'Domain user' is changed and is 110513.
> On each user i have 513 as PrimaryGroup and then i can't access to my new server, how can i change rid on new server ???
Let me guess, you are using the 'rid' idmap backend and you have a line
similar to this in your smb.conf:
idmap config DOMAIN : range = 110000-???????
Where 'DOMAIN' is your workgroup name.
If so, then that it is how it is supposed to work, the groups (and
users) ID is calculated from the RID and the low range:
ID = RID + low range
110513 = 513 + 110000
Lots of bad ideas were used in the past, using '513' to identify Domain
Users was, in my opinion, a bad idea.
The easiest way out of this will be to write a script that checks for
group ownership and chown any '513' to Domain Users.
More information about the samba