samba - Dec 2017 - rid overlaps nobody uid

All,

in many manuals winbind rid backend idmap overlaps with linux nobody.

The wiki for example says

idmap config SAMDOM : range = 10000-999999

but debian nobody for example is 65534.

I guess this doesn't matter, or should one use a smaller range?

- Chris

On Wed, 20 Dec 2017 19:49:28 +0100
Chris via samba <samba at lists.samba.org> wrote:
> All,
> 
> in many manuals winbind rid backend idmap overlaps with linux nobody.
> 
> The wiki for example says
> 
> idmap config SAMDOM : range = 10000-999999
> 
> but debian nobody for example is 65534.
> 
> I guess this doesn't matter, or should one use a smaller range?
> 
> - Chris
> 
I wouldn't worry about it, NSS uses /etc/passwd & /etc/group first, so
the local 'nobody' will be found first, just don't use
'65534' as an
AD uidNumber (or gidNumber)

If it really does worry you, just change '65534' to what red-hat uses
'99', there must have been a reason why debian used '65534', but
I
have never found it.

Rowland

On Wed, 20 Dec 2017 19:33:01 +0000
Rowland Penny via samba wrote:
> I wouldn't worry about it, NSS uses /etc/passwd & /etc/group first,
so
> the local 'nobody' will be found first, just don't use
'65534' as an
> AD uidNumber (or gidNumber)
Thank you for your prompt reply.

- Chris