... as follows :
rpm -qa | grep samba
samba-3.6.23-35.el6_8.x86_64
samba-common-3.6.23-35.el6_8.x86_64
samba-winbind-clients-3.6.23-35.el6_8.x86_64
samba-winbind-3.6.23-35.el6_8.x86_64
[global]
workgroup = ABC
realm = ABC.COM
security = ADS
restrict anonymous = 1
log file = /var/log/samba/log.%m
max log size = 50
client signing = required
server signing = Yes
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
dns proxy = No
wins server = x.x.x.x
socket address = x.x.x.x
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
idmap config * : range = 10000-20000
idmap config * : backend = tdb
On Thu, Jul 14, 2016 at 11:47 AM, Rowland penny <rpenny at samba.org>
wrote:
> On 14/07/16 09:34, Shaun Glass wrote:
>
>> Good Day All,
>>
>> We have an issue where the following in smb.conf :
>>
>> idmap uid = 10000-20000
>>
>> ... it is resulting in assigned id's clashing with id's in
passwd. What
>> are
>> the repercussions should we change to say the following :
>>
>> idmap uid = 20000-30000
>>
>> Many thanks.
>>
>> Regards
>>
>> Shaun
>>
>
> What version of Samba ?
> idmap uid (and gid) are depreciated in later versions of Samba, it may
> help if you post the entire [global] section of your smb.conf.
>
> What ever the version of Samba, raising the lower level wouldn't really
be
> a good idea, any saved files belonging to an ID in the range 10000-20000
> would lose their owners.
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
On 14/07/16 11:01, Shaun Glass wrote:> ... as follows : > > rpm -qa | grep samba > samba-3.6.23-35.el6_8.x86_64 > samba-common-3.6.23-35.el6_8.x86_64 > samba-winbind-clients-3.6.23-35.el6_8.x86_64 > samba-winbind-3.6.23-35.el6_8.x86_64 > > [global] > workgroup = ABC > realm = ABC.COM <http://ABC.COM> > security = ADS > restrict anonymous = 1 > log file = /var/log/samba/log.%m > max log size = 50 > client signing = required > server signing = Yes > socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 > dns proxy = No > wins server = x.x.x.x > socket address = x.x.x.x > winbind separator = + > winbind enum users = Yes > winbind enum groups = Yes > idmap config * : range = 10000-20000 > idmap config * : backend = tdb > > On Thu, Jul 14, 2016 at 11:47 AM, Rowland penny <rpenny at samba.org > <mailto:rpenny at samba.org>> wrote: > > On 14/07/16 09:34, Shaun Glass wrote: > > Good Day All, > > We have an issue where the following in smb.conf : > > idmap uid = 10000-20000 > > ... it is resulting in assigned id's clashing with id's in > passwd. What are > the repercussions should we change to say the following : > > idmap uid = 20000-30000 > > Many thanks. > > Regards > > Shaun > > > What version of Samba ? > idmap uid (and gid) are depreciated in later versions of Samba, it > may help if you post the entire [global] section of your smb.conf. > > What ever the version of Samba, raising the lower level wouldn't > really be a good idea, any saved files belonging to an ID in the > range 10000-20000 would lose their owners. > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >You initially asked about 'idmap uid', but I don't see it in your smb.conf, what I do see is: idmap config * : range = 10000-20000 idmap config * : backend = tdb The '*' is for the BUILTIN users & groups etc I don't see anything for the Domain users & groups, are you also running sssd ? If so, you don't need winbind. Rowland
... no, no sssd. Basically we had : id -a "localuser" uid=17057 id -a "ABC+aduser" uid=17057 ... file ownership started getting wrecked so we are looking for a way to correct. On Thu, Jul 14, 2016 at 2:26 PM, Rowland penny <rpenny at samba.org> wrote:> On 14/07/16 11:01, Shaun Glass wrote: > > ... as follows : > > rpm -qa | grep samba > samba-3.6.23-35.el6_8.x86_64 > samba-common-3.6.23-35.el6_8.x86_64 > samba-winbind-clients-3.6.23-35.el6_8.x86_64 > samba-winbind-3.6.23-35.el6_8.x86_64 > > [global] > workgroup = ABC > realm = ABC.COM > security = ADS > restrict anonymous = 1 > log file = /var/log/samba/log.%m > max log size = 50 > client signing = required > server signing = Yes > socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 > dns proxy = No > wins server = x.x.x.x > socket address = x.x.x.x > winbind separator = + > winbind enum users = Yes > winbind enum groups = Yes > idmap config * : range = 10000-20000 > idmap config * : backend = tdb > > On Thu, Jul 14, 2016 at 11:47 AM, Rowland penny <rpenny at samba.org> wrote: > >> On 14/07/16 09:34, Shaun Glass wrote: >> >>> Good Day All, >>> >>> We have an issue where the following in smb.conf : >>> >>> idmap uid = 10000-20000 >>> >>> ... it is resulting in assigned id's clashing with id's in passwd. What >>> are >>> the repercussions should we change to say the following : >>> >>> idmap uid = 20000-30000 >>> >>> Many thanks. >>> >>> Regards >>> >>> Shaun >>> >> >> What version of Samba ? >> idmap uid (and gid) are depreciated in later versions of Samba, it may >> help if you post the entire [global] section of your smb.conf. >> >> What ever the version of Samba, raising the lower level wouldn't really >> be a good idea, any saved files belonging to an ID in the range 10000-20000 >> would lose their owners. >> >> Rowland >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > > > You initially asked about 'idmap uid', but I don't see it in your > smb.conf, what I do see is: > > idmap config * : range = 10000-20000 > idmap config * : backend = tdb > > The '*' is for the BUILTIN users & groups etc > I don't see anything for the Domain users & groups, are you also running > sssd ? > If so, you don't need winbind. > > Rowland > >