Answer the question
In order to leave comments, you need to log in
S
S
Sinot2015-08-18 08:31:09
Sinot, 2015-08-18 08:31:09
How to get rid of huge UID and GID values in SAMBA+winbind?
Greetings.
I set up authorization in the Debian system through the Windows domain controller according to this manual. Everything went fine: I get tickets, I "entered" the domain, I also get a list of users and groups. But users and groups, despite the Samba settings, have ten-digit UIDs and GIDs.
# getent passwd
...
eroshinats:*:4294967295:4294967295:Ерошина Татьяна Сергеевна:/home/CRB/eroshinats:/bin/bash
sobolevamv:*:4294967295:4294967295:Соболева Марина Викторовна:/home/CRB/sobolevamv:/bin/bash
...The su <domain user> command throws an error: "setgid: Invalid argument". Everything works fine for local users.
Actually the question is why such values and how to fix it?
Debian testing 64 system . Samba config just in case.
Thank you.
1 answer(s)
@Sinot
In this case, rid (the last part of sid) of the user will be used as an identifier.
R
Rsa97, 2015-08-18 @Sinot
I recommend setting up the backend not tdb, but rid, I did it like this:
idmap config NT AUTHORITY : base_rid = 0
idmap config NT AUTHORITY : range = 1200000-1299999
idmap config NT AUTHORITY : backend = rid
idmap config BUILTIN : base_rid = 0
idmap config BUILTIN : range = 1000000-1099999
idmap config BUILTIN : backend = rid
idmap config <домен> : base_rid = 100
idmap config <домен> : range = 100-999999
idmap config <домен> : backend = rid
idmap config <домен> : default = yes
idmap config * : range = 1300000-1999999
idmap config * : backend = ridIn this case, rid (the last part of sid) of the user will be used as an identifier.
Similar questions
V
A
A
R
M
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question