[Samba] odd UID behaviour in Linux hosts connected to Samba AD

Rowland Penny rpenny at samba.org
Thu Jan 16 17:26:09 UTC 2025


On Thu, 16 Jan 2025 18:10:36 +0100 (CET)
"Vincent S. Cojot via samba" <samba at lists.samba.org> wrote:

> 
> Hi again Rowland and Luis,
> 
> First, thank you very much for jumping to my rescue and explaining
> what I got wrong about my Samba usage.
> 
> This brought another question: Could I perhaps use the Samba 'rid'
> backend so that Windows users get unique UIDs on Linux boxes -
> different from the Linux UIDs - and then make use of usermap to map
> them to the proper local Linux user?
> Would that work? Would that work for files being served as well?
> 
> Thanks,
> 
> Vincent
> 
I will say this slowly:

You	do	not	have	local	Linux
users.

You have AD users and Samba makes them appear as local Linux users, the
same goes for groups, as I said my name does not appear in /etc/passwd:

rowland at devstation:~$ grep 'rowland' /etc/passwd
rowland at devstation:~$

Yet, Linux know that I am a user with the ID '11104':

uid=11104(rowland) gid=10513(domain users) groups=10513(domain
users),102(netdev),1001(unixtest),11104(rowland),10512(domain
admins),12605(testgroup),10571(allowed rodc password replication
group),10572(denied rodc password replication
group),2001(BUILTIN\users),2000(BUILTIN\administrators)

I use the 'rid' backend, but there is nothing stopping you using the
'ad' backend with the local Linux IDs set as the uidNumber & gidNumber
attributes, but it will work equally well using the 'rid' backend.

I suggest you remove your 'db' database and start from there.

Rowland




More information about the samba mailing list