Correct me if I'm wrong? You say that by RSAT and NIS I add a uid and gid for each user in the DC. As mentioned here: https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC#Check_if_RFC2307_is_used_by_your_Domain_Controllers If I do this, users are added to the passwd file on the domain controller or saved to the db sam? Im go to try this tomorrow. That big problem is not provisioned with RFC2307!!!!> Date: Mon, 23 Mar 2015 20:55:23 +0000 > From: rowlandpenny at googlemail.com > To: samba at lists.samba.org > Subject: Re: [Samba] UID and GID mapping throw DC and Member DC > > On 23/03/15 20:28, Jhon P wrote: > > Question: > > When you add users to the ADDC the UID users are always going to be > > different from those obtained by the DC winbind Member? > > If you add uidNumbers & gidNumbers to users and groups you will get the > same ID numbers everywhere, here is an example: > > On a DC: > > root at dc01:~# getent passwd rowland > EXAMPLE\rowland:*:10000:10000:Rowland Penny:/home/EXAMPLE/rowland:/bin/bash > > And on my laptop (a linux client): > > rowland at ThinkPad ~ $ getent passwd rowland > rowland:*:10000:10000::/home/rowland:/bin/bash > > > > > I talk about destroy the member server, because I have the freedom to > > do it again if necessary, this server is not in production. > > > > Regards. > > > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
On 23/03/15 21:37, Jhon P wrote:> Correct me if I'm wrong? > > You say that by RSAT and NIS I add a uid and gid for each user in the DC.NO, you need to add a 'uidNumber' attribute to each user that you want to be visible to Unix, you also need to add a 'gidNumber' attribute to the groups that you want to be visible, at a minimum 'Domain Users'. These are the numbers that have to be inside the range set in smb.conf.> As mentioned here: > https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC#Check_if_RFC2307_is_used_by_your_Domain_Controllers > > If I do this, users are added to the passwd file on the domain > controller or saved to the db sam? >Do not add any users to /etc/passwd (via useradd) that you want to be domain users, your users are either domain users or local users, they cannot be both in a Active directory domain.> Im go to try this tomorrow. > > That big problem is not provisioned with RFC2307!!!! > >Yes but you have updated your AD by following the wiki page I pointed you at, haven't you ?? Rowland> > Date: Mon, 23 Mar 2015 20:55:23 +0000 > > From: rowlandpenny at googlemail.com > > To: samba at lists.samba.org > > Subject: Re: [Samba] UID and GID mapping throw DC and Member DC > > > > On 23/03/15 20:28, Jhon P wrote: > > > Question: > > > When you add users to the ADDC the UID users are always going to be > > > different from those obtained by the DC winbind Member? > > > > If you add uidNumbers & gidNumbers to users and groups you will get the > > same ID numbers everywhere, here is an example: > > > > On a DC: > > > > root at dc01:~# getent passwd rowland > > EXAMPLE\rowland:*:10000:10000:Rowland > Penny:/home/EXAMPLE/rowland:/bin/bash > > > > And on my laptop (a linux client): > > > > rowland at ThinkPad ~ $ getent passwd rowland > > rowland:*:10000:10000::/home/rowland:/bin/bash > > > > > > > > I talk about destroy the member server, because I have the freedom to > > > do it again if necessary, this server is not in production. > > > > > > Regards. > > > > > > > Rowland > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba
Ok, im try add uidNumber for the user and it works, on both servers UID is equal. :-) I can change the uid of the administrator or it may cause problems? Greetings.> Date: Mon, 23 Mar 2015 21:47:20 +0000 > From: rowlandpenny at googlemail.com > To: samba at lists.samba.org > Subject: Re: [Samba] UID and GID mapping throw DC and Member DC > > On 23/03/15 21:37, Jhon P wrote: > > Correct me if I'm wrong? > > > > You say that by RSAT and NIS I add a uid and gid for each user in the DC. > > NO, you need to add a 'uidNumber' attribute to each user that you want > to be visible to Unix, you also need to add a 'gidNumber' attribute to > the groups that you want to be visible, at a minimum 'Domain Users'. > These are the numbers that have to be inside the range set in smb.conf. > > > As mentioned here: > > https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC#Check_if_RFC2307_is_used_by_your_Domain_Controllers > > > > If I do this, users are added to the passwd file on the domain > > controller or saved to the db sam? > > > > Do not add any users to /etc/passwd (via useradd) that you want to be > domain users, your users are either domain users or local users, they > cannot be both in a Active directory domain. > > > > Im go to try this tomorrow. > > > > That big problem is not provisioned with RFC2307!!!! > > > > > > Yes but you have updated your AD by following the wiki page I pointed > you at, haven't you ?? > > Rowland > > > > Date: Mon, 23 Mar 2015 20:55:23 +0000 > > > From: rowlandpenny at googlemail.com > > > To: samba at lists.samba.org > > > Subject: Re: [Samba] UID and GID mapping throw DC and Member DC > > > > > > On 23/03/15 20:28, Jhon P wrote: > > > > Question: > > > > When you add users to the ADDC the UID users are always going to be > > > > different from those obtained by the DC winbind Member? > > > > > > If you add uidNumbers & gidNumbers to users and groups you will get the > > > same ID numbers everywhere, here is an example: > > > > > > On a DC: > > > > > > root at dc01:~# getent passwd rowland > > > EXAMPLE\rowland:*:10000:10000:Rowland > > Penny:/home/EXAMPLE/rowland:/bin/bash > > > > > > And on my laptop (a linux client): > > > > > > rowland at ThinkPad ~ $ getent passwd rowland > > > rowland:*:10000:10000::/home/rowland:/bin/bash > > > > > > > > > > > I talk about destroy the member server, because I have the freedom to > > > > do it again if necessary, this server is not in production. > > > > > > > > Regards. > > > > > > > > > > Rowland > > > > > > -- > > > To unsubscribe from this list go to the following URL and read the > > > instructions: https://lists.samba.org/mailman/options/samba > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba