Re: [Samba] Verifying idmap.ldb consistency across domain controllers
- Date: Tue, 8 May 2018 09:23:42 -0400
- From: lingpanda101 via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Verifying idmap.ldb consistency across domain controllers
On 5/8/2018 9:07 AM, Rowland Penny via samba wrote:
My concern is with human error and built in groups. I'm using RFC2307 on
all DC's so all UID's and GID's for manually created user & groups I
should be good. I'm pretty confident for all DC's I have added to the
domain, I took the step to copy and replace idmap.ldb. If I search for
one builtin user and group and verify XID's across domain controllers.
Can I deduce I have in fact took care to copy and replace idmap.ldb from
the 1st DC? What are some tell tell signs of idmap.ldb inconsistency?
Thanks for any guidance.
On Tue, 8 May 2018 08:59:52 -0400
lingpanda101 via samba <samba@xxxxxxxxxxxxxxx> wrote:
Is there a command or quick way to verify idmap.ldb is
consistent across domain controllers? Similar to using samba-tool to
compare two ldap databases? Thanks.
No, but if haven't synced idmap.ldb from the first DC to all other DCs,
then you can take it for granted they are not consistent ;-)
To unsubscribe from this list go to the following URL and read the