[CentOS] Centos+AD integration (uid/gid problems)
nux at li.nux.ro
nux at li.nux.ro
Wed Mar 30 08:35:11 UTC 2011
Ray Van Dolson writes:
> On Tue, Mar 29, 2011 at 02:13:13PM -0400, Christopher Hearn wrote:
>> On Mar 29, 2011, at 1:18 PM, Ray Van Dolson wrote:
>>
>> > On Tue, Mar 29, 2011 at 06:07:46PM +0100, nux at li.nux.ro wrote:
>> >> Hi,
>> >>
>> >> I need to have several EL machines in an AD env.
>> >> Joining the machines was easier than expected using authconfig, but what
>> >> happens now is that blahdomain\blahuser gets assigned a
>> >> different, random ID each time I use a different station.
>> >> In AD I did specify the UID and GID in the UNIX Attributes tab for blahuser,
>> >> but it gets totally ignored; so do the other values (for home, shell etc).
>> >>
>> >> Ideally I'd have all the users assigned a static uid and gid from AD and
>> >> have /home on all machines mounted from NFS; but right now if I log in with
>> >> blahuser to another machine my $HOME is owned by another random id.
>> >>
>> >> Sugesstions? What am I missing? I'm quite a noob with Windows :)
>> >>
>> >> Cheers
>> >
>> > You might try taking a look at idmap_ad(8) (and the other idmap_* man
>> > pages as well).
>> >
>> > I'm not sure which idmap backend gets used by default (RID?). I did
>> > think idmap_rid would result in consistent UID/GID mappings based on
>> > the SID assuming you choose the same ranges on each server...
>> >
>> > Ray
>>
>> If you use something like Centrify Express or Likewise Open, the
>> UID/GIDs are calculated the same way every time on every system that
>> uses the software so it makes, IMO, setup & management a lot easier.
>>
>> Chris
>
> I can vouch for Likewise Open just working. However, it too is based
> on Samba and based on the OP's information, he should be able to
> achieve deterministic UID/GID numbers across his system with standard
> OS packages only if that is his goal.
>
> That said, if you have a variety of platforms and OS'es to support,
> Likewise is a great option... (never tried Centrify)
>
> Ray
Thanks for the suggestion, but already tried Likewise (on some ubuntu
machine though) and didnt work for me, however for my needs authconfig does
a great job and if I get the UID/GID issue solved I'm all settled.
Following Adam's advice I got the GID from UNIX Attributes respected, so
I'm getting closer. :-)
Thanks for all the replies!
--
Nux!
www.nux.ro
More information about the CentOS
mailing list