[Samba] Change (fix) idmap config
Lorenzo Milesi
lorenzo.milesi at yetopen.com
Fri Oct 14 14:45:47 UTC 2022
Hi.
We made a mistake in configuring two file servers, by putting the realm instead of the workgroup in idmap config (below). For this reason, now we get different ids when running `getent passwd` on the two servers...
What's the best way to recover, considering we have users connecting via shares and ssh? Unjoin the server, adjust config, join again, chown?
thanks
workgroup = LIGHT
realm = WDC.DOMAIN.IT
security = ads
idmap config * : range = 16777216-33554431
winbind separator = +
template homedir = /home/%U
template shell = /bin/bash
kerberos method = secrets only
winbind use default domain = true
winbind offline logon = false
#--authconfig--end-line--
idmap config *:backend = tdb
idmap config *:range = 700001-800000
idmap config WDC.DOMAIN.IT:backend = rid
idmap config WDC.DOMAIN.IT:range = 10000-700000
--
Lorenzo Milesi - lorenzo.milesi at yetopen.com
CTO @ YetOpen Srl
YetOpen - https://www.yetopen.com/
Corso Martiri della Liberazione 114 - 23900 Lecco - ITALY - | 4801 Glenwood Avenue - Suite 200 - Raleigh, NC 27612 - USA -
Tel +39 0341 220 205 - info.it at yetopen.com | Phone +1 919-817-8106 - info.us at yetopen.com
Think green - Non stampare questa e-mail se non necessario / Don't print this email unless necessary
-------- D.Lgs. 196/2003 e GDPR 679/2016 --------
Tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario.
Tutte le informazioni ivi contenute, compresi eventuali allegati, sono da ritenere confidenziali e riservate secondo i termini
del vigente D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo 679/2016 - GDPR - e quindi ne e' proibita l'utilizzazione ulteriore non autorizzata.
Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, stamparlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile.
Grazie.
Confidentiality notice: this email message including any attachment is for the sole use of the intended recipient and may contain confidential and privileged information;
pursuant to Legislative Decree 196/2003 and the European General Data Protection Regulation 679/2016 - GDPR - any unauthorized review, use, disclosure or distribution
is prohibited. If you are not the intended recepient please delete this message without copying, printing or forwarding it to others, and alert us as soon as possible.
Thank you.
More information about the samba
mailing list