A question to the Samba developers (or anyone else who knows the answer): Since Samba (as of version 4.2) can now use the "normal" winbindd daemon, I suppose that RID mapping on a AD DC will work in the same way as it works on a member server. So, if I configure it in exactly the same way as in my member servers and then replace the UID/GID of all files in the DC with the new ones, everything should work as it worked until now. Am I right? Thank you for the excellent work.
On 21/04/15 23:16, Miguel Medalha wrote:> A question to the Samba developers (or anyone else who knows the answer): > > Since Samba (as of version 4.2) can now use the "normal" winbindd > daemon, I suppose that RID mapping on a AD DC will work in the same > way as it works on a member server. So, if I configure it in exactly > the same way as in my member servers and then replace the UID/GID of > all files in the DC with the new ones, everything should work as it > worked until now. Am I right? > > Thank you for the excellent work. >Unless it has changed a great deal since I tested an rc version of 4.2, then I am sorry but no, it will not work, but feel free to try it. Rowland
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I tried it and it did not work the same as winbindd on a memberserver. I still got UIDs starting with 3.000.000 Am 22.04.15 um 00:16 schrieb Miguel Medalha:> A question to the Samba developers (or anyone else who knows the > answer): > > Since Samba (as of version 4.2) can now use the "normal" winbindd > daemon, I suppose that RID mapping on a AD DC will work in the same > way as it works on a member server. So, if I configure it in > exactly the same way as in my member servers and then replace the > UID/GID of all files in the DC with the new ones, everything should > work as it worked until now. Am I right? > > Thank you for the excellent work. >- -- -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iEYEARECAAYFAlU3XicACgkQ2JOGcNAHDTap0ACgprIzSvlrdz8RfWFmf7ZQkfhD e9EAn05ofpna1eTOe10NaFq+Pp5qsKlp =OzIe -----END PGP SIGNATURE-----
> I tried it and it did not work the same as winbindd on a memberserver. > I still got UIDs starting with 3.000.000 >Thank you for your answer. I am asking because at the moment I don't have a spare machine to test it. Of course you did include "-winbind +winbindd" in a "server services" line in smb.conf, didn't you? Well, my systems work well as they are, with backend RID on member servers only. I suppose I wanted to unify the whole thing for a question of elegance only. Given that versions 4.2.x can use the normal winbind on a DC, I expected consistent behavior here.