Web lists-archives.com

Re: [Samba] updating TDB user/group entries to RID




On 27. okt. 2017 16:46, Rowland Penny via samba wrote:
On Fri, 27 Oct 2017 15:17:56 +0200
Oleg Cherkasov via samba <samba@xxxxxxxxxxxxxxx> wrote:

Hi,

I wonder if there are any tools to simplify transition from TDB to
RID on existing system in production.  Long story short, by mistake
one of our servers were configured with default idmap set to a range:

idmap config * : backend = tdb
idmap config * : range = 3000-7999

The server had joined domain and everything works just fine however I
may need to fix user/group ids and make it like that:

idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config MYDOMAIN : backend = rid
idmap config MYDOMAIN : range = 8000-999999999

Existing users and groups are still in TDB so RID does not have any
effect unless uncached user used.

I suspect I may need to do some scripting with tdbtool and
getfacl/setfacl to be able to migrate existing filesystem to new ids.
Using robocopy may be expensive to pull and push files because
filesystem is more than 35Tb+ ...


 From what I understand, your domain users and groups are being
allocated IDs in the 3000-7999 range, if this is so, it will probably
be  be easier to script around 'getent passwd' and 'getent group'.

Correct, some users and groups are in 3000-7999 so would have to translate and setfacl to range 8000-999999999.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba