[Samba] Quick questions about uid, gid, uidNumber, gidNumber

[Ricardo Campos]

Hi.

I'm trying to fix a mistake I made: I installed an AD-DC, with the
functions of a file server.

To solve this problem, I installed a new Samba in a Ubuntu box and
configured it as defined in
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member. This
would work as a file server. However, I now understand (a little more) the
confusion among all these attributes like uid, gid, uidNumber, gidNumber.

I cannot simply discard all the old attributes given to users and groups
since they were used in the permissions of the unix file structure used in
the  shares, since there are sort of a million of files and folders, whose
permissions were defined using acl's.

On the other hand, I feel insecure to simply remove all idmap attributes of
the smb.conf in AD. I'm afraid this could disrupt the whole thing (despite
all the trouble the system is running!).

So the question is what is the best approach to solve this mess. I envisage
two possible solutions, both beginning with the configuration of the file
server with "idmap config <domain> : backend = ad":

1. keep this same AD I have, editing the smb.conf without the risk of
wreaking havoc on the whole thing.

2. installing a new AD but I'm not sure I could use the same uid's and
gid's I have now, using them to configure the attributes uidNumber and
gidNumber. The biggest problem I see is that I already have uid's in the
range 3000000-3999999 and I'm not sure if I can establish a new range for
the AD like 3100000-3999999, so that I can keep the old ones.

Thanks for any help.

Ricardo