我有两台
Linux服务器使用Samba / Winbind连接到Active Directory Windows 2008服务器,这是我的samba配置
workgroup = COMPANY
realm = COMPANY.COM
server string = SAMBA-AD Server
security = ADS
password server = 10.1.x.x
log level = 2
log file = /var/log/samba/log.%m
max log size = 50
unix extensions = No
idmap uid = 10000-20000
idmap gid = 10000-20000
template homedir = /home/%u
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind nss info = rfc2307
两者配置完全相同,但是,当我运行getent组时,列出的GID对于两者都是不同的,即使范围完全相同,从10000-20000.
在Linux服务器上A:
domain computers:*:10011:
在Linux服务器B上:
domain computers:*:10008:
它似乎从10000开始.
如何在两台Linux服务器上同步GID?任何帮助非常感谢!
编辑:@larsks,我尝试添加idmap_rid,这是最新的配置:
workgroup = COMPANY
realm = COMPANY.COM
server string = SAMBA-AD Server
security = ADS
password server = 10.1.xx.xx
log file = /var/log/samba/log.%m
max log size = 50
unix extensions = No
idmap config COMPANY:backend = rid
idmap config COMPANY:base_rid = 1000
idmap config COMPANY:range = 10000 - 20000
template homedir = /home/%u
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind nss info = rfc2307
hosts allow = 127.,192.168.12.,192.168.13.,10.1.11.,10.2.,wide links = Yes
我删除了idmap gid = 10000-20000.
我需要删除winbind枚举组=是吗?
但是,即使我在idmap_rid添加后重新启动winbind / samba,GID也保持不变.
