[CentOS] Fwd: Linux, Windows AD domain, and IDs

Sat Dec 4 14:34:44 UTC 2010
Ryan Wagoner <rswagoner at gmail.com>

On Sat, Dec 4, 2010 at 5:41 AM, Scott Ehrlich <srehrlich at gmail.com> wrote:
> You have a CentOS (for example) workstation that is a member of a
> Windows AD domain courtesy of modified smb.conf and krb5.conf files.
> There are, thus, no local user accounts on the linux workstation.
>
> There is a network application that benefits most (maybe even
> requires) the user's numerical portion of their employee ID as their
> linux workstation id.
>
> Thus, if I log in, my domain username might be scott12.   My employee
> ID might be se123456.    If I log into the linux workstation, I'm
> going to log in as scott12 along with providing my password.    I type
> id at the shell, and am given something like scott12 (10001) for the
> user.    How can I manage to make the id [also] equal to 123456 for
> user scott12 without breaking anything?
>
> Thanks for any leads.
>
> Scott

You need to use IDMAP to do this. Have a look at the below link,
specially the IDMAP storage in LDAP section.

http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html

Ryan