Am 2017-10-09 um 21:57 schrieb Rowland Penny via samba:> On Mon, 9 Oct 2017 21:35:39 +0200
> "Stefan G. Weichinger via samba" <samba at lists.samba.org>
wrote:
>
>> Am 2017-10-09 um 21:04 schrieb Rowland Penny via samba:
>>
>>> It isn't supposed to work like this and it didn't used to
work like
>>> this.
>>
>> Then the software shouldn't allow me to do so and/or give useful
>> feedback, don't you agree?
>
> I don't see how you could be stopped from doing this, when a user or
> group first contacts a DC, it is given an 'xidNumber' attribute in
> idmap.ldb, containing the next available number in the 3000000' range.
> If you decide to give this user or group a uidNumber or gidNumber
> attribute, this should be used instead, which is what happens when you
> run 'net cache flush'. The problem is, you shouldn't have to
run the
> 'net' command at all and you didn't used to have to. If we
could narrow
> it down to when it started not working correctly, it might help.
The admin there created a group via RSAT.
And that group was not visible/usable on the DM server.
Only after that I tried to figure out things on the shell, digging for
the group on both servers via getent and wbinfo.
Until here there was no decision for a uidNumber or gidNumber.
He did not set one via RSAT. Does he have to do that?
I then deleted the group via samba-tool and created it again:
samba-tool group create gfass --nis-domain=arbeitsgruppe --gid-number=10580
If this is wrong, I am happy to learn how to do that correctly.
I understand that running
wbinfo --group-info="gfass"
is problematic as long as the reported bug isn't fixed, correct?
thanks, Stefan