I configured the mapping backend in smb.conf like this: idmap backend = rid:MYDOMAIN=10000-20000 idmap uid = 10000-20000 idmap gid = 10000-20000 Like documentation said, "... This way all domain members and controllers will have the same UID and GID to SID mappings. ... " But i got 3 machines, 2 got the same mappings - but the other one, same configuration like the rest, mapps differently, which is really a pain because nfs and other services cant be run. I dont know where to look elsa for errors, logs shows nothing - it works, but winbind maps wrong. kind regards Torsten
Please make sure that you do nat have existing mapping in winbindd_idmap.tdb on the problematic machine. beyond that, there's not enough information here to move forward. We need gzipped level 10 debug logs from winbindd and smbd. You can also run wbinfo -S <SID> on each machine to test the SID -> uid/gid resolution. It should return the same uid on each machine. And also make sure that there are not pre-existing users conflicting with the idmap uid or gid range in smb.conf
Thx for hint - an existing mapping file caused the error - deleted all on all machines and now it works. kind regards Torsten