samba - Dec 2021 - UID translation mystery or Festivus miracle?

I'm guessing this is an rsync thing I wasn't aware of, but I've
gotten
useful tips from the rsync therapists on this list before.

I'm transferring data from an old Samba PDC system to a new Samba 4.15.3 
file server bound to a samba-ad-dc using the RID id mapping.  All the 
user ID's are changing as as result, so I was preparing to write a 
script to translate the file/directory owner uids/gids when I noticed 
something really odd.

On the old PDC/fileserver:

root at data:home# id pgoetz
uid=1004(pgoetz) gid=1004(pgoetz) 
groups=1004(pgoetz),27(sudo),100(users),5005(gco)

root at data:home# ls -ld pgoetz
drwxr-xr-x 10 pgoetz pgoetz 4096 Dec 10 06:20 pgoetz


Rsync the data over to the new file server:

root at data:/# cd home
root at data:home# rsync -axW * data2:/data/home-old/


And now on the new fileserver:

archives at data2:/data/home-old$ id pgoetz
uid=11103(pgoetz) gid=10513(domain users) groups=10513(domain 
users),11103(pgoetz),11112(ea-staff),11113(ea-admins),3001(BUILTIN\users)

archives at data2:/data/home-old$ ls -ld pgoetz
drwxr-xr-x 10 pgoetz pgoetz 4096 Dec 10 06:20 pgoetz

----

I'm only showing my home folder, but for every user account created in 
the new domain, the transferred files already have the correct file 
ownership on the new system.

My best guess is rsync is using the username to convert the UIDs?

A secondary mystery is that my group is still "pgoetz" even though
there
is no such group defined in the domain.  How does that work?

On Wed, 2021-12-22 at 10:49 -0600, Patrick Goetz via samba
wrote:
> I'm guessing this is an rsync thing I wasn't aware of, but I've
> gotten 
> useful tips from the rsync therapists on this list before.
> 
> I'm transferring data from an old Samba PDC system to a new Samba
> 4.15.3 
> file server bound to a samba-ad-dc using the RID id mapping.  All
> the 
> user ID's are changing as as result, so I was preparing to write a 
> script to translate the file/directory owner uids/gids when I
> noticed 
> something really odd.
> 
> On the old PDC/fileserver:
> 
> root at data:home# id pgoetz
> uid=1004(pgoetz) gid=1004(pgoetz) 
> groups=1004(pgoetz),27(sudo),100(users),5005(gco)
> 
> root at data:home# ls -ld pgoetz
> drwxr-xr-x 10 pgoetz pgoetz 4096 Dec 10 06:20 pgoetz
> 
> 
> Rsync the data over to the new file server:
> 
> root at data:/# cd home
> root at data:home# rsync -axW * data2:/data/home-old/
> 
> 
> And now on the new fileserver:
> 
> archives at data2:/data/home-old$ id pgoetz
> uid=11103(pgoetz) gid=10513(domain users) groups=10513(domain 
> users),11103(pgoetz),11112(ea-staff),11113(ea-
> admins),3001(BUILTIN\users)
> 
> archives at data2:/data/home-old$ ls -ld pgoetz
> drwxr-xr-x 10 pgoetz pgoetz 4096 Dec 10 06:20 pgoetz
> 
> ----
> 
> I'm only showing my home folder, but for every user account created
> in 
> the new domain, the transferred files already have the correct file 
> ownership on the new system.
> 
> My best guess is rsync is using the username to convert the UIDs?
Of course, rather than guessing, you could read 'man rsync', where you
would find this:

--numeric-ids
With this option rsync will transfer numeric group and user IDs rather
than
using user and group names and mapping them at both ends.

By  default  rsync will use the username and groupname to determine
what
ownership to give files. The special uid 0 and the special group 0 are
never mapped via user/group names even if the --numeric-ids option is
not specified.
> 
> A secondary mystery is that my group is still "pgoetz" even
though
> there 
> is no such group defined in the domain.  How does that work?
It is Magic :-D

The magic of 'id_type_both', Samba creates a usergroup if one does not
exist.

Rowland

Thanks, Roland!

I thought rsync defaulted to using numeric ids, but am now realizing I 
only thought this because more often than not I'm rsync'ing to hosts 
where most of the source host users don't exist (so the file owner is 
just displayed as the source host numeric ID).

About this, though:

 > The magic of 'id_type_both', Samba creates a usergroup if one does
not
 > exist.

I thought of this and used ADUC to look for a pgoetz group in the 
domain, but found none. Is this a persistent group, and if so, how/where 
is it stored that it can't be found by ADUC?



On 12/24/21 05:15, Rowland Penny via samba wrote:
>>
>> My best guess is rsync is using the username to convert the UIDs?
> 
> Of course, rather than guessing, you could read 'man rsync', where
you
> would find this:
> 
> --numeric-ids
> With this option rsync will transfer numeric group and user IDs rather
> than
> using user and group names and mapping them at both ends.
> 
> By  default  rsync will use the username and groupname to determine
> what
> ownership to give files. The special uid 0 and the special group 0 are
> never mapped via user/group names even if the --numeric-ids option is
> not specified.
> 
>>
>> A secondary mystery is that my group is still "pgoetz" even
though
>> there
>> is no such group defined in the domain.  How does that work?
> 
> It is Magic :-D
> 
> The magic of 'id_type_both', Samba creates a usergroup if one does
not
> exist.
> 
> Rowland
> 
> 
>