On Sat, 2013-09-28 at 16:22 +0100, Rowland Penny wrote:
> On 28/09/13 16:11, Marc Muehlfeld wrote:
> > Hello,
> >
> > Am 28.09.2013 10:11, schrieb Rowland Penny:
> >>> Without the rfc2307 domain provision, will I have to add manually
> >>> uidNumber and gidNumber each time a new user is created from Windows
> >>> Management Console?
> >>>
> >> Even with RFC2307 domain provision, you will have to add the uidNumber &
> >> gidNumber manually, as Steve says, you can do this with samba-tool, but
> >> YOU have to supply these numbers, they are not incremented 
> >> automatically.
> >
> > If you use the MMC, the numbers are incremented automatically. You 
> > simply select the NIS domain in the Unix tab and it shows the last 
> > UID/GID + 1. So you don't have to track somewhere which was the last 
> > UID/GID you've set.
> >
> > Microsoft tracks this somewhere in the directory under System / 
> > RpcServices.
> >
> >
> > Regards,
> > Marc
> >
> >
> >
> >
> Well, yes you are probably right, but as I have never used the MMC to 
> add a Linux user, I did not know this, so thanks for the heads up. 
> Having said that, I still think it would be quicker to add a user via a 
> script on the Linux server.
> 
> Do you know exactly where Microsoft tracks the uidNumber?
> 
> Rowland

Yeah, another good one.
Samba4 provisioned without rfc2307 takes the next uid/gidNumber from the
CN=CONFIG counter object in idmap.ldb, attribute: xidNumber

If we set:
idmap_ldb:use rfc2307 = Yes
in smb.conf
the counter does not update and is ignored. This entry is added if we
provision with rfc2307 but it can be added to a provision without it
whereupon it has the same effect. The counter stops.

MMC introduces yet another way of guessing a uidNumber.

I think the advice must be, choose one method and stick to it. They are
not interchangeable.

Rowland's RID script seems the most bulletproof to me.
Cheers,
Steve
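
Added example (not from the thread or from the Samba project): a Python audit
over LDIF shaped like ldbsearch output for user objects. It flags what mixing
allocation methods can leave behind: accounts sharing a uidNumber, accounts with
none, and an xidNumber counter value that is already assigned. The sample
records, the example.com names and the function names are assumptions; base64
and folded LDIF values are not decoded.

```python
from collections import defaultdict

# Constructed sample data (assumption), shaped like ldbsearch output.
SAMPLE_USERS_LDIF = """\
dn: CN=alice,CN=Users,DC=example,DC=com
sAMAccountName: alice
uidNumber: 3000017

dn: CN=bob,CN=Users,DC=example,DC=com
sAMAccountName: bob
uidNumber: 10001

dn: CN=carol,CN=Users,DC=example,DC=com
sAMAccountName: carol
uidNumber: 3000017

dn: CN=dave,CN=Users,DC=example,DC=com
sAMAccountName: dave
"""

def parse_ldif(text):
    """Split LDIF into records mapping attribute name -> list of values."""
    records = []
    for block in text.strip().split("\n\n"):
        rec = defaultdict(list)
        for line in block.splitlines():
            # Skip comments, folded continuation lines and malformed lines.
            if line.startswith(("#", " ")) or ": " not in line:
                continue
            key, value = line.split(": ", 1)
            rec[key].append(value.strip())
        if rec:
            records.append(rec)
    return records

def audit_uid_numbers(users_ldif, xid_counter):
    """xid_counter: xidNumber read from CN=CONFIG in idmap.ldb (next value)."""
    owners, missing = defaultdict(list), []
    for rec in parse_ldif(users_ldif):
        name = (rec.get("sAMAccountName") or rec.get("dn") or ["?"])[0]
        if rec.get("uidNumber"):
            owners[int(rec["uidNumber"][0])].append(name)
        else:
            missing.append(name)
    return {
        "duplicates": {u: n for u, n in owners.items() if len(n) > 1},
        "missing": missing,
        "highest": max(owners) if owners else None,
        "counter_in_use": xid_counter in owners,  # next allocation would clash
    }
```

Two accounts with the same uidNumber are the same user to the Unix side, so
file ownership and permissions stop distinguishing them.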
