Re: [Samba] Uidnumbers strange behaviour on DC

On Wed, 3 Oct 2018 15:10:06 +0100
Carlos Jesus <camjesus2@xxxxxxxxx> wrote:

> Hi Roland,
> first and foremost, thank you for such a fast reply.
> It it's a known problem, I should have done my research better...
> sorry about that.
> on the idmap.ldm you mean delete the entire record or just the
> objectSid: line? See below.
> # record 98
> dn: CN=S-1-5-21-2578023650-2965493730-3822412211-1605
> cn: S-1-5-21-2578023650-2965493730-3822412211-1605
> objectClass: sidMap
> objectSid: S-1-5-21-2578023650-2965493730-3822412211-1605
> type: ID_TYPE_BOTH
> xidNumber: 3000154
> distinguishedName: CN=S-1-5-21-2578023650-2965493730-3822412211-1605
> It seems that some of the groups also suffer from this schizophrenia
> about he gidNumbers...

The entire object ;-)

When a user (or group) first contacts the DC, an entry is created in
idmap.ldb, unless it has a uidNumber (or gidNumber). If the entry in
idmap.ldb is there, it somehow gets used instead of the uidNumber until
'net cache flush' is used. If you remove the 'object' from idmap.ldb,
it shouldn't get recreated.


