[Samba] convert from synology
Rowland Penny
rpenny at samba.org
Fri Oct 7 17:16:53 UTC 2022
On 07/10/2022 17:33, Peter Carlson via samba wrote:
> I agree with the mangling assessment.
>
> 1. I will ask about the xid, for information only
> 2. I like Synolgy's UI. If I could strip that out and put it on some flavor of Linux, I would. There was a decent cockpit ui samba plugin, but it's not working at the moment, and zentyal won't join the domain and they aren't responsive to bugs. Maybe since I'm quasi retired now, I'll start my own UI project.
> 3. Are these ids only used for sysvol? We only have 3 gpos and no roaming, so I could just recreate those by hand.
>
'xidNumber' attributes are only used on a Samba DC and are stored in
idmap.ldb
If 'idmap_ldb:use rfc2307 = yes' is set in a DC's smb.conf, the
'xidNumber' attributes can and will be overridden by any 'uidNumber' &
'gidNumber' attributes set in AD. There is a problem with this, the
'xidNumber' attributes are a bit special, they can be set as
'ID_TYPE_UID', 'ID_TYPE_GID' or 'ID_TYPE_BOTH', the last one is the
special one as it makes a group be a user as well as a group. Why does a
group have to be a user ? Well, Windows has the concept of groups owning
things (something that Linux doesn't) and at least one group (Domain
Admins) needs to own thing in Sysvol, if you give the Well Know Sid
groups a gidNumber attribute, they just become groups to Linux and
cannot own anything.
The cockpit Samba DC module was produced as a Google summer of code
under the Samba banner, any idea why it no longer works ?
Rowland
More information about the samba
mailing list