On 14/10/2022 16:18, Lorenzo Milesi wrote:> >> On 14/10/2022 15:45, Lorenzo Milesi via samba wrote: >> I take it that all your users now have ID's in the 700001-800000 range. > > Yep! > >> You can just change the last two lines to use the NetBIOS domain name >> (aka workgroup) and restart Samba, but this is going to change all your >> user & group ID's on that Unix domain member. > > Did now, even rebooted the server, but I still get IDs in the range above!Sorry, I keep forgetting this, you need to clear the cache with 'net cache flush' Rowland
wonderful, thank you! ----- Original Message -----> From: "Rowland Penny via samba" <samba at lists.samba.org> > To: "samba" <samba at lists.samba.org> > Cc: "Rowland Penny" <rpenny at samba.org> > Sent: Friday, October 14, 2022 5:21:21 PM > Subject: Re: [Samba] Change (fix) idmap config> On 14/10/2022 16:18, Lorenzo Milesi wrote: >> >>> On 14/10/2022 15:45, Lorenzo Milesi via samba wrote: >>> I take it that all your users now have ID's in the 700001-800000 range. >> >> Yep! >> >>> You can just change the last two lines to use the NetBIOS domain name >>> (aka workgroup) and restart Samba, but this is going to change all your >>> user & group ID's on that Unix domain member. >> >> Did now, even rebooted the server, but I still get IDs in the range above! > > Sorry, I keep forgetting this, you need to clear the cache with 'net > cache flush' > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba-- Lorenzo Milesi - lorenzo.milesi at yetopen.com CTO @ YetOpen Srl YetOpen - https://www.yetopen.com/ Corso Martiri della Liberazione 114 - 23900 Lecco - ITALY - | 4801 Glenwood Avenue - Suite 200 - Raleigh, NC 27612 - USA - Tel +39 0341 220 205 - info.it at yetopen.com | Phone +1 919-817-8106 - info.us at yetopen.com Think green - Non stampare questa e-mail se non necessario / Don't print this email unless necessary -------- D.Lgs. 196/2003 e GDPR 679/2016 -------- Tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Tutte le informazioni ivi contenute, compresi eventuali allegati, sono da ritenere confidenziali e riservate secondo i termini del vigente D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo 679/2016 - GDPR - e quindi ne e' proibita l'utilizzazione ulteriore non autorizzata. Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, stamparlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile. Grazie. Confidentiality notice: this email message including any attachment is for the sole use of the intended recipient and may contain confidential and privileged information; pursuant to Legislative Decree 196/2003 and the European General Data Protection Regulation 679/2016 - GDPR - any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recepient please delete this message without copying, printing or forwarding it to others, and alert us as soon as possible. Thank you.
> Sorry, I keep forgetting this, you need to clear the cache with 'net > cache flush'Ok, I made the switch but one more thing. As soon as I restart smb+nmb+winbind the "domain users" group has this id: # getent group "domain users" domain users:x:10513: after a few seconds, the ID is "restored" to the wrong one: # getent group "domain users" domain users:x:700009: I don't have a custom id set in the group: # samba-tool group show "domain users" dn: CN=Domain Users,CN=Users,DC=wdc,DC=domain,DC=it objectClass: top objectClass: group cn: Domain Users description: All domain users instanceType: 4 whenCreated: 20220715153450.0Z whenChanged: 20220715153450.0Z uSNCreated: 5074 name: Domain Users objectGUID: 32bbb713-c5de-4d05-bb5a-25ee53e6971f objectSid: S-1-5-21-1322844432-1368091937-3368753673-513 sAMAccountName: Domain Users sAMAccountType: 268435456 groupType: -2147483646 objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=wdc,DC=domain,DC=it isCriticalSystemObject: TRUE uSNChanged: 5264 memberOf: CN=Users,CN=Builtin,DC=wdc,DC=domain,DC=it distinguishedName: CN=Domain Users,CN=Users,DC=wdc,DC=domain,DC=it -- Lorenzo Milesi - lorenzo.milesi at yetopen.com CTO @ YetOpen Srl YetOpen - https://www.yetopen.com/ Corso Martiri della Liberazione 114 - 23900 Lecco - ITALY - | 4801 Glenwood Avenue - Suite 200 - Raleigh, NC 27612 - USA - Tel +39 0341 220 205 - info.it at yetopen.com | Phone +1 919-817-8106 - info.us at yetopen.com Think green - Non stampare questa e-mail se non necessario / Don't print this email unless necessary -------- D.Lgs. 196/2003 e GDPR 679/2016 -------- Tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Tutte le informazioni ivi contenute, compresi eventuali allegati, sono da ritenere confidenziali e riservate secondo i termini del vigente D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo 679/2016 - GDPR - e quindi ne e' proibita l'utilizzazione ulteriore non autorizzata. Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, stamparlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile. Grazie. Confidentiality notice: this email message including any attachment is for the sole use of the intended recipient and may contain confidential and privileged information; pursuant to Legislative Decree 196/2003 and the European General Data Protection Regulation 679/2016 - GDPR - any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recepient please delete this message without copying, printing or forwarding it to others, and alert us as soon as possible. Thank you.