I have got SLES 15 sp 2 server integrated with Windows 2019 AD server.I could login with ad user id in the Linux systems.However uid/gid are not reflecting from the ad.We have set uid( for eg: uid- > 8000 ),gid,login shell and home directory for user at ad user/group attribute level. Here is the smb.conf file
# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
[global]
workgroup = abcde5
usershare allow guests = YES
idmap config * : backend = tdb
idmap config * : range = 5000000-5999999
idmap config ABC : backend = ad
idmap config ABC : range = 1000-99999
idmap config ABC : schema_mode = rfc2307
idmap config ABC : unix_nss_info = yes
kerberos method = secrets and keytab
realm = ABC.DE5.CORP
security = ADS
template homedir = /home/%U
template shell = /bin/bash
winbind offline logon = yes
winbind use default domain = yes
winbind refresh tickets = yes
log file = /var/log/samba/%m.log
log level = 1
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
de5pw04:/etc/samba # id de5group1u1
uid=5000000(de5group1u1) gid=5000000(domain users) groups=5000000(domain users),5000001(de5group1) de5pwd04:/etc/samba #
de5pwd04:/etc/samba # wbinfo -V
Version 4.11.14-git.313.d4e302805e14.32.1-SUSE-oS15.0-x86_64
de5pwd04:/etc/samba #
Please let me know,how to get uid/gid set on the ad to Linux system for the user
If your workgroup is 'ABCDE5' then your your 'idmap config ABC' lines are wrong, they should be 'idmap config ABCDE5'. This has led to your users & groups being put into the '*' domain.