[Samba] convert from synology

Rowland Penny rpenny at samba.org
Fri Oct 7 17:16:53 UTC 2022



On 07/10/2022 17:33, Peter Carlson via samba wrote:
> I agree with the mangling assessment.
> 
> 1. I will ask about the xid, for information only
> 2. I like Synolgy's UI. If I could strip that out and put it on some flavor of Linux, I would. There was a decent cockpit ui samba plugin, but it's not working at the moment, and zentyal won't join the domain and they aren't responsive to bugs.  Maybe since I'm quasi retired now, I'll start my own UI project.
> 3. Are these ids only used for sysvol?  We only have 3 gpos and no roaming, so I could just recreate those by hand.
> 

'xidNumber' attributes are only used on a Samba DC and are stored in 
idmap.ldb

If 'idmap_ldb:use rfc2307  = yes' is set in a DC's smb.conf, the 
'xidNumber' attributes can and will be overridden by any 'uidNumber' & 
'gidNumber' attributes set in AD. There is a problem with this, the 
'xidNumber' attributes are a bit special, they can be set as 
'ID_TYPE_UID', 'ID_TYPE_GID' or 'ID_TYPE_BOTH', the last one is the 
special one as it makes a group be a user as well as a group. Why does a 
group have to be a user ? Well, Windows has the concept of groups owning 
things (something that Linux doesn't) and at least one group (Domain 
Admins) needs to own thing in Sysvol, if you give the Well Know Sid 
groups a gidNumber attribute, they just become groups to Linux and 
cannot own anything.

The cockpit Samba DC module was produced as a Google summer of code 
under the Samba banner, any idea why it no longer works ?

Rowland




More information about the samba mailing list