[Samba] winbind generates a UID for a group
Anderson Sampaio Mello
anderson.sampaio.mello at gmail.com
Wed Mar 9 15:40:09 UTC 2022
Hello Rowland.
Thanks for the answer.
Do you have a link that serves as a reference explaining more about
ID_TYPE_BOTH ?
Em qua., 9 de mar. de 2022 às 05:17, Rowland Penny via samba <
samba at lists.samba.org> escreveu:
> On Wed, 2022-03-09 at 03:01 -0300, Anderson Sampaio Mello via samba
> wrote:
> > Hello samba team.
> >
> > I have an AD DC server and winbind generates a UID for a group, for
> > example
> > Domain Admins has its GID mapped to a SID and also a UID equal to the
> > GID
> > mapped to the same SID.
> >
> > I understand the mapping from GID to SID, but why does it generate a
> > UID
> > for a group?
>
> Because, while a group can own things on Windows, a Unix group cannot,
> so the group is mapped to a user on a DC, it is known as 'ID_TYPE_BOTH'
>
> >
> > Example output of the wbinfo command:
> >
> > wbinfo --group-info domain\\domain\ admins
> >
> > Domain\domain admins:x:3000004:
>
> The numbers in the '3000000' range are 'xidNumbers' and are only found
> on Samba AD DCs and unless you sync idmap.ldb between Samba DCs, you
> will get different IDs on different DC's
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list