{"id":207,"date":"2013-08-13T05:08:47","date_gmt":"2013-08-13T05:08:47","guid":{"rendered":"https:\/\/digitalchild.info\/?p=207"},"modified":"2013-08-13T05:08:47","modified_gmt":"2013-08-13T05:08:47","slug":"samba-3-6-idmap","status":"publish","type":"post","link":"https:\/\/randomadult.local\/samba-3-6-idmap\/","title":{"rendered":"Samba 3.6 idmap"},"content":{"rendered":"
I have a couple of file servers in my network running Samba 3.6 as member servers. Something that you would want to get going at some point is syncing the UID\/GID across the machines so that if you want to move the data around the uids\/gids are the same. The way to make this work is with the idmap configurations. I hadn’t done this and in my stupidity had created a second file server that couldn’t move files to and from the first. IDIOT!<\/p>\n
In Samba 3.6 \u00a0idmap was completely re-written<\/a> as it was a bit broken before then and its actually quite simple to have your machines all talking the same uid\/gid. This is to use the idmap_rid system. From the samba docs<\/a>.<\/p>\n The\u00a0 If you have already setup your file server without using idmap_rid you can change how it works by adding the following lines to your global section of your samba conf file. Replacing the lines and or removing lines as required.<\/p>\n I’m not sure if this step is needed but I removed the member server from the domain. Then I restarted samba and winbind, rejoined the member server and I was still getting the old Ids. I realised that winbind was caching the old Id’s and no matter what I did I couldn’t work out how to update them.\u00a0After searching around for quite a while I found this blog post<\/a> from Alex Cline. The commands are very straight forward.<\/p>\n It’s really that simple. I found posts all over the place talking about killing the samba data directory in \/var\/lib\/samba and that all sounded a little crazy. I’m glad its as simple as that. To test that this worked, just run the following command to see the new id from winbind.<\/p>\n This should output your new rid generated id.<\/p>\n Rinse and repeat for any other servers you might have.<\/p>\n","protected":false},"excerpt":{"rendered":" I have a couple of file servers in my network running Samba 3.6 as member servers. Something that you would want to get going at some point is syncing the UID\/GID across the machines so that if you want to move the data around the uids\/gids are the same. The …<\/p>\nidmap_rid<\/code>\u00a0facility is a new tool that, unlike native winbind, creates a predictable mapping of MS Windows SIDs to UNIX UIDs and GIDs<\/p><\/blockquote>\n
\n\nworkgroup = MYDOMAIN\npassword server = pdc.mydomain.com\nencrypt passwords = Yes\nrealm = MYDOMAIN.COM\nsecurity = ads\nallow trusted domains = false\nidmap config * : backend = tdb\nidmap config * : range = 10001-20000\nidmap config MYDOMAIN : backend = rid\nidmap config MYDOMAIN : range = 5000-10000\nidmap config MYDOMAIN : base_rid = 0\n\n<\/pre>\n
net cache flush <\/pre>\n
id -u username <\/pre>\n