Hello! Own two Dcs Samba 4.4, this all OK, but ids are different: Example DC2: id tr005 uid = 3000039 (TESTELOCAL \ tr005) gid = 100 (users) groups = 100 (users), 3000039 (TESTELOCAL \ tr005), 3,000,009 (BUILTIN \ users) Example DC2: id tr005 uid = 3000023 (TESTELOCAL \ tr005) gid = 100 (users) groups = 100 (users), 3000023 (TESTELOCAL \ tr005), 3,000,001 (BUILTIN \ users) My smb.conf is the same in both: # Global parameters [global] workgroup = TESTELOCAL realm = TESTELOCAL.INTERNO netbios name = SAMBADC-01 server role = active directory domain controller server services = s3fs, rpc, NBT, wrepl, ldap, CLDAP, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate idmap_ldb: use RFC2307 = yes [Netlogon] path = /opt/samba/var/locks/sysvol/testelocal.interno/scripts read only = No [Sysvol] path = / opt / samba / var / locks / sysvol read only = No The doubt is this and problem? If yes, how to fix? Thank you
Correcting previous email Hello! Own two Dcs Samba 4.4, this all OK, but ids are different: Example DC1: id tr005 uid = 3000039 (TESTELOCAL \ tr005) gid = 100 (users) groups = 100 (users), 3000039 (TESTELOCAL \ tr005), 3,000,009 (BUILTIN \ users) Example DC2: id tr005 uid = 3000023 (TESTELOCAL \ tr005) gid = 100 (users) groups = 100 (users), 3000023 (TESTELOCAL \ tr005), 3,000,001 (BUILTIN \ users) My smb.conf is the same in both: # Global parameters [global] workgroup = TESTELOCAL realm = TESTELOCAL.INTERNO netbios name = SAMBADC-01 server role = active directory domain controller server services = s3fs, rpc, NBT, wrepl, ldap, CLDAP, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate idmap_ldb: use RFC2307 = yes [Netlogon] path = /opt/samba/var/locks/sysvol/testelocal.interno/scripts read only = No [Sysvol] path = / opt / samba / var / locks / sysvol read only = No The doubt is this and problem? If yes, how to fix? Thank you Em 14-06-2016 12:59, Carlos A. P. Cunha escreveu:> > Hello! > Own two Dcs Samba 4.4, this all OK, but ids are different: > > > Example DC2: > id tr005 > uid = 3000039 (TESTELOCAL \ tr005) gid = 100 (users) groups = 100 > (users), 3000039 (TESTELOCAL \ tr005), 3,000,009 (BUILTIN \ users) > > Example DC2: > id tr005 > uid = 3000023 (TESTELOCAL \ tr005) gid = 100 (users) groups = 100 > (users), 3000023 (TESTELOCAL \ tr005), 3,000,001 (BUILTIN \ users) > > My smb.conf is the same in both: > # Global parameters > [global] > workgroup = TESTELOCAL > realm = TESTELOCAL.INTERNO > netbios name = SAMBADC-01 > server role = active directory domain controller > server services = s3fs, rpc, NBT, wrepl, ldap, CLDAP, kdc, drepl, > winbindd, ntp_signd, kcc, dnsupdate > idmap_ldb: use RFC2307 = yes > > > [Netlogon] > path = /opt/samba/var/locks/sysvol/testelocal.interno/scripts > read only = No > > [Sysvol] > path = / opt / samba / var / locks / sysvol > read only = No > > > The doubt is this and problem? > If yes, how to fix? > > Thank you >
On 14/06/16 17:00, Carlos A. P. Cunha wrote:> Correcting previous email > > > Hello! > Own two Dcs Samba 4.4, this all OK, but ids are different: > > > Example DC1: > id tr005 > uid = 3000039 (TESTELOCAL \ tr005) gid = 100 (users) groups = 100 > (users), 3000039 (TESTELOCAL \ tr005), 3,000,009 (BUILTIN \ users) > > Example DC2: > id tr005 > uid = 3000023 (TESTELOCAL \ tr005) gid = 100 (users) groups = 100 > (users), 3000023 (TESTELOCAL \ tr005), 3,000,001 (BUILTIN \ users) > > My smb.conf is the same in both: > # Global parameters > [global] > workgroup = TESTELOCAL > realm = TESTELOCAL.INTERNO > netbios name = SAMBADC-01 > server role = active directory domain controller > server services = s3fs, rpc, NBT, wrepl, ldap, CLDAP, kdc, drepl, > winbindd, ntp_signd, kcc, dnsupdate > idmap_ldb: use RFC2307 = yes > > > [Netlogon] > path = /opt/samba/var/locks/sysvol/testelocal.interno/scripts > read only = No > > [Sysvol] > path = / opt / samba / var / locks / sysvol > read only = No > > > The doubt is this and problem? > If yes, how to fix? > > Thank you > > > Em 14-06-2016 12:59, Carlos A. P. Cunha escreveu: >> >> Hello! >> Own two Dcs Samba 4.4, this all OK, but ids are different: >> >> >> Example DC2: >> id tr005 >> uid = 3000039 (TESTELOCAL \ tr005) gid = 100 (users) groups = 100 >> (users), 3000039 (TESTELOCAL \ tr005), 3,000,009 (BUILTIN \ users) >> >> Example DC2: >> id tr005 >> uid = 3000023 (TESTELOCAL \ tr005) gid = 100 (users) groups = 100 >> (users), 3000023 (TESTELOCAL \ tr005), 3,000,001 (BUILTIN \ users) >> >> My smb.conf is the same in both: >> # Global parameters >> [global] >> workgroup = TESTELOCAL >> realm = TESTELOCAL.INTERNO >> netbios name = SAMBADC-01 >> server role = active directory domain controller >> server services = s3fs, rpc, NBT, wrepl, ldap, CLDAP, kdc, drepl, >> winbindd, ntp_signd, kcc, dnsupdate >> idmap_ldb: use RFC2307 = yes >> >> >> [Netlogon] >> path = /opt/samba/var/locks/sysvol/testelocal.interno/scripts >> read only = No >> >> [Sysvol] >> path = / opt / samba / var / locks / sysvol >> read only = No >> >> >> The doubt is this and problem? >> If yes, how to fix? >> >> Thank you >> >Each DC can and probably will have different UIDs for users, this is because the DCs use idmap.ldb and this uses 'xidNumber' attributes which seem to be allocated on a first come basis. One way to get the same UID numbers on all DCs, is to copy idmap.ldap from the first DC to all others and then keep them in sync, the other is to use RFC2307 attributes. Rowland