[Samba] odd UID behaviour in Linux hosts connected to Samba AD
Rowland Penny
rpenny at samba.org
Thu Jan 16 16:50:08 UTC 2025
On Thu, 16 Jan 2025 16:13:40 +0000
Luis Peromarta via samba <samba at lists.samba.org> wrote:
> It took me a few hours to put these together, hopefully is useful to
> you:
>
> http://samba.bigbird.es/doku.php?id=samba:idmap-backends
>
> http://samba.bigbird.es/doku.php?id=samba:no-need-for-use-rfc2307
>
> http://samba.bigbird.es/doku.php?id=samba:more-idmapping-notes
>
Those are very good, I might have worded some of the first one a bit
differently, people have been known to miss-class connecting to a share
as logging in, for instance.
You also have this in the second one:
You need users to log in (ssh) to the DC with different home folders or
shells.
There is no way to give users logging into a DC different shells or
home directory paths, not even if you use the rfc2307 attributes. A DC
only reads uidNumber & gidNumber attributes from AD.
You also do not mention that if you join an additional DC, it doesn't
get 'idmap_ldb:use rfc2307 = yes' in its smb.conf, not even if the other
DC(s) have it, you have to manually add it.
Rowland
More information about the samba
mailing list