After typing in the samba domain to change uid gid of domain users (idmap)?

0 like 0 dislike
25 views
I introduced a samba (Version 4.5.12-Debian) to the domain when it is configured prescribed:
idmap config * : range = 1422390000-1422399999
idmap config centr:schema_mode = rfc2307
centr idmap config:range = 1422390000-1422399999
centr idmap config:backend = hash
idmap config * : backend = ad

Everything works, getend passwd, and wbinfo shows users. With Windows clients in the domain folders open without a password.

Now, as an experiment changed:
this range 1422390000-1422399999 on 1442390000-1442399999 but the uid has changed, stelisti in the old range. I tried to withdraw and enter into the domain again, but it didn't help. Tried to change different backend (tdb, hash) but nothing changes.

I think that you need to remove a file after the withdrawal from the domain that you type it snogo created. But this assumption is simply.
by | 25 views

2 Answers

0 like 0 dislike
His own answer, in case you want.

This team look where you want to clean:
# smbd -b | egrep "LOCKDIR|STATEDIR|CACHEDIR|PRIVATE_DIR"
LOCKDIR: /usr/local/samba/var/lock/
STATEDIR: /usr/local/samba/var/locks/
CACHEDIR: /usr/local/samba/var/cache/
PRIVATE_DIR: /usr/local/samba/private/

And from all these directories to be deleted .and tdb .ldb files. So as winbind no longer starts because the files were gone, just translate in the domain and files to sozdajutsja and winbind starts.
by
0 like 0 dislike
Maybe a little late, but tinctures are not quite right:
idmap config * : range = 1422390000-1422399999
idmap config centr:schema_mode = rfc2307 <- uidNumber/gidNumber should be spelled out in the AD
centr idmap config:range = 1422390000-1422399999
centr idmap config:backend = hash <- should be "ad" because rfc2307, especially deprecated the hash (https://www.samba.org/samba/docs/current/man-html/...
idmap config * : backend = ad <- stitching is not true

idmpa_ad is used to ensure that multiple servers had the same uid/gid -> sid mappings. It may be worth it to use idmap_rid?

well, then winbind has a cache and it had to do was clear: "net cache flush" like
by

Related questions

0 like 0 dislike
1 answer
As for ubuntu vsftpd to allow to connect users with uid or gid less than 1000?
asked Mar 25, 2019 by opium
0 like 0 dislike
1 answer
Windows comes via Samba from domain name, which is not. How to cure?
asked Apr 5, 2019 by seventh
0 like 0 dislike
5 answers
How to "share" a folder in SAMBA?
asked May 21, 2019 by tmman
0 like 0 dislike
2 answers
How to mount network drive samba without file synchronization?
asked May 21, 2019 by Kiki55

Most popular tags

javascript php css html jquery wordpress python linux web-development mysql android windows java layout c# computer-networks node.js cpp iron yii vue.js 1C-Bitrix react laravel django nginx system-administration search-engine-optimization api ubuntu the-it-education. ajax sql programming hosting cms design apache google-chrome bootstrap Vkontakte macos google network-administration git laptops algorithms regular-expressions unity-game-engine email angular database network-equipment software wooсommerce debian .net ios information-security video law-in-it browsers books parsing wi-fi game-development career htaccess postgresql telegram mikrotik mobile-development ruby-on-rails the-domain-name-system modx Yandex c json opencart Habr freelance vpn asp.net windows-server symfony bots hard-drives math qt DIY audio frontend payment-system bash electronics gulp.js user-interface docker online-shopping
110,608 questions
257,186 answers
0 comments
32,707 users