After tried to solve the problem with "getent", I found another problem with the Member server. The member server works well, but the "uid" and "gid" mapping for users its incorrect. In the DC the "UID" "GID" its around 3000085 In the Member Server its around 2000 - 3000 For example: ADDC Server. --------------------- root at ACDC:/# wbinfo --user-info=Prueba KENNEDY\prueba:*:3000022:100:Prueba:/home/KENNEDY/prueba:/bin/false MEMBER SERVER ----------------------- root at MEMBERSERVER/home/prueba# wbinfo --user-info=prueba prueba:*:2451:2004:Prueba:/home/KENNEDY/prueba:/bin/false Any way to solve this.
On 23/03/15 18:27, Jhon P wrote:> After tried to solve the problem with "getent", I found another > problem with the Member server. > > The member server works well, but the "uid" and "gid" mapping for > users its incorrect. > > In the DC the "UID" "GID" its around 3000085 > > In the Member Server its around 2000 - 3000 > > For example: > > > ADDC Server. > --------------------- > root at ACDC:/# wbinfo --user-info=Prueba > KENNEDY\prueba:*_:3000022:100_:Prueba:/home/KENNEDY/prueba:/bin/falseThe '3000022' is coming from winbind mapping the users RID> > MEMBER SERVER > ----------------------- > root at MEMBERSERVER/home/prueba# wbinfo --user-info=prueba > prueba:*:_2451:2004_:Prueba:/home/KENNEDY/prueba:/bin/false >The '2451' is again coming from winbind mapping the users RID, but because you are using different winbinds on the DC and the member server, you are getting different numbers. This is just one of the reasons not use the DC for anything other than authentication. You could try adding a 'uidNumber' to your AD users and a 'gidNumber' to 'Domain Users', these numbers need to be inside the range set in the member server smb.conf, for instance if you follow the member server page on the wiki, not less than 2000 and not more than 999999. I must point out that if this does not work, it may be time to get the sledgehammer out :-) Rowland> Any way to solve this.
What do you mean with different winbinds? I can destroy the member server, its on testing. It is for the version of windbind? I can get this from DC. But I can not do the same with DC. "Tonight 2X1 sledgehammers." :-) XD> Date: Mon, 23 Mar 2015 18:43:21 +0000 > From: rowlandpenny at googlemail.com > To: samba at lists.samba.org > Subject: Re: [Samba] UID and GID mapping throw DC and Member DC > > On 23/03/15 18:27, Jhon P wrote: > > After tried to solve the problem with "getent", I found another > > problem with the Member server. > > > > The member server works well, but the "uid" and "gid" mapping for > > users its incorrect. > > > > In the DC the "UID" "GID" its around 3000085 > > > > In the Member Server its around 2000 - 3000 > > > > For example: > > > > > > ADDC Server. > > --------------------- > > root at ACDC:/# wbinfo --user-info=Prueba > > KENNEDY\prueba:*_:3000022:100_:Prueba:/home/KENNEDY/prueba:/bin/false > > The '3000022' is coming from winbind mapping the users RID > > > > > MEMBER SERVER > > ----------------------- > > root at MEMBERSERVER/home/prueba# wbinfo --user-info=prueba > > prueba:*:_2451:2004_:Prueba:/home/KENNEDY/prueba:/bin/false > > > > The '2451' is again coming from winbind mapping the users RID, but > because you are using different winbinds on the DC and the member > server, you are getting different numbers. This is just one of the > reasons not use the DC for anything other than authentication. > > You could try adding a 'uidNumber' to your AD users and a 'gidNumber' to > 'Domain Users', these numbers need to be inside the range set in the > member server smb.conf, for instance if you follow the member server > page on the wiki, not less than 2000 and not more than 999999. > > I must point out that if this does not work, it may be time to get the > sledgehammer out :-) > > Rowland > > Any way to solve this. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Seemingly Similar Threads
- UID and GID mapping throw DC and Member DC
- UID and GID mapping throw DC and Member DC
- UID and GID mapping throw DC and Member DC
- UID and GID mapping throw DC and Member DC
- Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes