Yanick Quirion
2006-Feb-01 21:22 UTC
[Samba] Manual UID & GID mapping with Active Directory
Greetings,
I'm looking how I can set manually the GID & UID of my Active Directory
users into Samba & Winbind.
I have several server linux using Samba and they are linked to Active
Directory to get users & groups. On all my Linux system I did a "net
join ads". Also I set this option in all smb.conf:
idmap uid = 20000-30000
idmap gid = 20000-30000
However, all systems don't seem having the same database to UID & GID
mapping. There is a way to make all my Linux system having the same
mapping?
Best Regards,
Yanick
Geoffrey Scott
2006-Feb-02 01:46 UTC
[Samba] Manual UID & GID mapping with Active Directory
Yanick Quirion wrote:> idmap uid = 20000-30000 > > idmap gid = 20000-30000 > > > > However, all systems don't seem having the same database to UID & GID > mapping. There is a way to make all my Linux system having the same > mapping? >Look up idmap_rid or research storing winbind stuff in ldap and then a using master and slave ldap servers to push the consistent uid and gid from one server to all others GS
Yanick Quirion
2006-Feb-02 15:37 UTC
[Samba] Manual UID & GID mapping with Active Directory
Hi Geoffrey, Is it possible for you to be more specific about this configuration? Have you already done it in the past? I'm not very good with ldap and more hints how to setup this will be helpful. Regards, Yanick -----Original Message----- From: Geoffrey Scott [mailto:geoffs@guestshire.com] Sent: 1 February, 2006 20:46 To: Yanick Quirion; samba@lists.samba.org Subject: RE: [Samba] Manual UID & GID mapping with Active Directory Yanick Quirion wrote:> idmap uid = 20000-30000 > > idmap gid = 20000-30000 > > > > However, all systems don't seem having the same database to UID & GID > mapping. There is a way to make all my Linux system having the same > mapping? >Look up idmap_rid or research storing winbind stuff in ldap and then a using master and slave ldap servers to push the consistent uid and gid from one server to all others GS
Geoffrey Scott
2006-Feb-02 22:44 UTC
[Samba] Manual UID & GID mapping with Active Directory
Yanick Quirion wrote:> Hi Geoffrey, > > Is it possible for you to be more specific about this configuration? > Have you already done it in the past? I'm not very good with ldap and > more hints how to setup this will be helpful.If you look in Chapter 7 of the samba by example book (available in dead tree format which means John gets paid for his efforts, or online in PDF in the docs section of the samba.org site) You'll see a few more specifics of how to set up both scenarios. I personally chose to use idmap_rid for simplicities sake, but that was with Debian. as I understand it, Redhat doesn't build idmap_rid.so by default, so you may want to update your locate db and use locate to search for idmap_rid. I haven't checked yet to see if the sernet rpms have it built so that may be something for you to investigate. If you follow the recipe in chapter 7 for idmap_rid keep in mind that John is a little vague on the need for setting up the krb.conf file. You may need to follow part of chapter 12 where he shows how to configure that file and use kinit etc (although you must have had success in this already). HTH Regards Geoff> Regards, > Yanick>> However, all systems don't seem having the same database to UID & GID >> mapping. There is a way to make all my Linux system having the same >> mapping? >> > Look up idmap_rid or research storing winbind stuff in ldap and then > a using master and slave ldap servers to push the consistent uid and > gid from one server to all others > > GS