Web lists-archives.com

Re: [Samba] wbinfo not resolving SID to username





you should remove 'winbind' from the shadow line, it isn't required.
Done, thanks.

That is all perfectly normal on a Samba AD DC. The only way to get all
users and groups mapped to names, is to use uidNumber & gidNumber attributes for all users & groups. This is NOT recommended on a DC, this is because of sysvol, where some groups have also to be users to own things. This is done in idmap.ldb where groups are mapped to ID_TYPE_BOTH, if you give the wrong group a gidNumber, it will become just a group and a group cannot own anything on Linux.
Ok. This is the first Samba DC I'm playing with and I like to check everything before putting it into production.

Just as an aside, I think you will find that 'sysvol' is mostly empty, you will need to sync it from the DC you joined this one to. Rowland
I've replicated sysvol with robocopy (from the Windows) and configured a task to keep things in sync till the Windows DC will be demoted.

What about the strange chars in getfacl output? They seem like escape sequences: "default:group:BUILTIN\134administrators:rwx" should read "default:group:BUILTIN\administrators:rwx", right?

Is there something wrong here?

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba