Unfortunately, simply switching to idmap_rid at this point will not
rectify your immediate problem. Winbind will apply uid's and gid's via
a specific algorithm, which will once again be different from your
current mappings.
However, if you wish to ensure consistent mappings for the future (new
server or multiple servers), then you would switch to idmap_rid and
manually set the ownerships this one time.
Having multiple servers, it was worth the time and effort for me to do
so; but of course, this may not be a pressing need for you.
HTH,
Dale
Ben Tisdall wrote:
Dale Schroeder wrote:
Which winbind idmap backend are you using?
The default tdb backend generates id's randomly (which appears to be
your case), meaning you will have to do a lot of chown commands on box B.
For consistent mappings, use something like idmap_rid.
http://us6.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html#id2598850
Thanks very much Dale, I was using the tdb backend.
I read the docs but I'm not clear on whether the configuration can
simply be retrofitted to both servers or whether changes to the data
itself will be needed.
I did make a quick test but aside from ownerships showing as 'user'
rather than 'DOMAIN\user' nothing changed in respect of missing UIDs/GIDs.
BTW the ultimate aim of was is to validate a server that will actually
replace a single ADS domain member. This being the case I suppose I
could back up the relevant tdb files, do a leave on the existing server,
join the new one and copy the tdbs into place? Still, if I can use
idmap_rid without undue hassle it's clearly a better solution.
Best,
Ben.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
