[CentOS] Centos+AD integration (uid/gid problems)

Tue Mar 29 17:27:39 UTC 2011
Ray Van Dolson <rayvd at bludgeon.org>

On Tue, Mar 29, 2011 at 06:25:06PM +0100, nux at li.nux.ro wrote:
> Ray Van Dolson writes:
> 
> > On Tue, Mar 29, 2011 at 06:07:46PM +0100, nux at li.nux.ro wrote:
> > You might try taking a look at idmap_ad(8) (and the other idmap_* man
> > pages as well).
> > 
> > I'm not sure which idmap backend gets used by default (RID?).  I did
> > think idmap_rid would result in consistent UID/GID mappings based on
> > the SID assuming you choose the same ranges on each server...
> > 
> > Ray
> 
> Ray,
> 
> Thanks for the tip. I will have a look in this whole idmap thing.
> AFAIK the IDs are assigned by winbind from a rather generous range, but I 
> think it's the same range on every machine.

FYI, idmap_tdb(8) is the default backend.

I am using it on several servers and seeing the same UID's generated on
each of them (with identical idmap uid/gid configuration ranges set of
course).

Ray