samba - Apr 2012 - UID/GID mapping consistency across at least two Linux machines

I have two SAMBA machines

they both successfully joined to the same Active Directory (actually SAMBA
4)

I have copied the user files from *server 1* to *server 2*

/owner id/ and /group id/s are preserved.

on server 1, when is do: *id user1*
I get *2001*

but on server 2
the same user has different id. 

This is actual for groups as well i.e different id's.

*smb.conf*s are identical

--
View this message in context:
http://samba.2283325.n4.nabble.com/UID-GID-mapping-consistency-across-at-least-two-Linux-machines-tp4543255p4543255.html
Sent from the Samba - General mailing list archive at Nabble.com.

I found this: http://lists.samba.org/archive/samba/2004-January/078411.html

How to implement "a" scenario?

but..how about simpler way...like, may be, running rsync to copy necessary
fiels from server 1 to server 2.

I could do this..but I don't know which files to replicate?

--
View this message in context:
http://samba.2283325.n4.nabble.com/UID-GID-mapping-consistency-across-at-least-two-Linux-machines-tp4543255p4543292.html
Sent from the Samba - General mailing list archive at Nabble.com.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/09/2012 04:09 PM, bakytn wrote:
> Here ist he global section of my smb.conf:
> 
> I am not sure if I am using Winbind (I guess yes).
> 
> [global]
>    workgroup = DOMAIN
>    realm = DOMAIN.LOCAL
>    preferred master = no
> 
>    server string = SAMBA
>    security = ADS
>    encrypt passwords = yes
>    log level = 1
>    log file = /var/log/samba/log.%m
>    max log size = 1000
> 
>    idmap uid = 3000-20000
>    idmap gid = 3000-20000
>    template shell = /bin/bash
> 
>    winbind enum groups = yes
>    winbind enum users = yes
>    winbind separator = +
>    winbind use default domain = Yes
>    winbind nested groups = Yes
> 
>    template homedir = "/data/files/%U"
> 
>    syslog = 0
> 
>    panic action = /usr/share/samba/panic-action %d
>    passdb backend = tdbsam
> 
>    obey pam restrictions = yes
> 
>    unix password sync = yes
> 
>    passwd program = /usr/bin/passwd %u
>    passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:*
> %n\n *password\supdated\ssuccessfully* .
> 
>    pam password change = yes
> 
>    map to guest = bad user
> 
>    usershare allow guests = yes
> 
> 
> --
> View this message in context:
http://samba.2283325.n4.nabble.com/UID-GID-mapping-consistency-across-at-least-two-Linux-machines-tp4543255p4543701.html
> Sent from the Samba - General mailing list archive at Nabble.com.
I have some notes on what I have done with my machines.  I hope it may
help you out.  Just read it all over and the template files closely
before just jumping on into it.

https://uisapp2.iu.edu/confluence-prd/display/~rmday/Linux+Integration+with+Active+Directory

- -- 
________

Robert Freeman-Day

https://launchpad.net/~presgas
GPG Public Key:
http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0xBA9DF9ED3E4C7D36
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+DiG4ACgkQup357T5MfTaMKQCg0HMM00tuKtxZUMWwzWC1lOSM
fxkAoLd8HO0otegVuye7dIf2c/UO1dc/
=lgc5
-----END PGP SIGNATURE-----

Would you recommend me to use IDMAP_RID with Winbind?

I don't have domain trusts (which is required to be "off" when
using rid).

It's a small domain with about 300 users at the very maximum.

Also..if I just add

idmap backend = idmap_rid:DOMAIN=2000-100000000

What would change? Would it mess my current UID/GID's???


--
View this message in context:
http://samba.2283325.n4.nabble.com/UID-GID-mapping-consistency-across-at-least-two-Linux-machines-tp4543255p4546516.html
Sent from the Samba - General mailing list archive at Nabble.com.