Hi, I have followed the guidelines outlined in the article: https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappings . I had a doubt: When I ran the tdbbackup -s .bak command idmap.ldb which is 2MB generated a 720k-sized idmap.ldb.bak file. I have stopped the samba service on CD 2, replaced the idmap.ldb file with idmap.ldb.bak, renamed .bak to .ldb and reset Sysvol, then restarted the samba-ad-dc service. However the 2 Samba 4 idmap.ldb files (DC1 and DC2) were different in size. This is normal? Regards, M?rcio Bacci Em sex, 16 de ago de 2019 ?s 14:15, Rowland penny via samba < samba at lists.samba.org> escreveu:> On 16/08/2019 17:56, Marcio Demetrio Bacci wrote: > > Hi, > > > > >It wont actually do anything because of '--dry-run' and you will also > > OK, I posted the wrong command, forgot to take the "--dry-run", sorry. > > > > >have to sync 'idmap.ldb' between DCs > > Sorry again, I didn't undestand how to do idmap.ldb between DCs. > > > > Can I sync /var/lib/samba/private/idmap.ldb with rsync too? > > > No, see here: > > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappings > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On 18/08/2019 16:39, Marcio Demetrio Bacci wrote:> Hi, > > I have followed the guidelines outlined in the article: > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappings. > > I had a doubt: > > When I ran the tdbbackup -s .bak command idmap.ldb which is 2MB > generated a 720k-sized idmap.ldb.bak file. > > I have stopped the samba service on CD 2, replaced the idmap.ldb file > with idmap.ldb.bak, renamed .bak to .ldb and reset Sysvol, then > restarted the samba-ad-dc service. However the 2 Samba 4 idmap.ldb > files (DC1 and DC2) were different in size. This is normal? >Probably, but you can check it with 'tdbbackup -v idmap.ldb' Rowland
Hi, I believe everything is fine, because the idmap.ldb of both servers have the same number of records: 2,305. Does this procedure (Built-in User & Group ID Mappings) need to be performed from time to time or is it enough only once? Regards, M?rcio Bacci Em dom, 18 de ago de 2019 ?s 12:48, Rowland penny via samba < samba at lists.samba.org> escreveu:> On 18/08/2019 16:39, Marcio Demetrio Bacci wrote: > > Hi, > > > > I have followed the guidelines outlined in the article: > > > > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappings > . > > > > I had a doubt: > > > > When I ran the tdbbackup -s .bak command idmap.ldb which is 2MB > > generated a 720k-sized idmap.ldb.bak file. > > > > I have stopped the samba service on CD 2, replaced the idmap.ldb file > > with idmap.ldb.bak, renamed .bak to .ldb and reset Sysvol, then > > restarted the samba-ad-dc service. However the 2 Samba 4 idmap.ldb > > files (DC1 and DC2) were different in size. This is normal? > > > Probably, but you can check it with 'tdbbackup -v idmap.ldb' > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >