I'm using a member server joined to my primary domain. I'm using winbind because I have a trusted domain.

Both the PDC and the member server have:

    idmap uid = 80000-90000
    idmap gid = 80000-90000
    idmap backend = ldap:ldap://my.pcd

The member server has:

    security=domain
    password server = *

(and no passdb line)

nsswitch.conf on the member is:

    passwd: compat winbind
    group: compat winbind
    shadow: compat

Everything works great. Mappings are stored in idmap and I have consistent uids for the trusted domain on both the PDC and the member server.

However, mappings for the primary domain (that the server is a member of) on the member server are different from the PDC of that domain, because it creates new mappings in idmap in LDAP. That means that all member servers will have consistent mappings for the primary domain and all BDCs will have consistent mappings, but the 2 sets of mappings will not be the same.

Is there any way I can make the 2 sets the same?

Samba is 3.4.7.