Samba Winbind Authentication with Windows 2003 - Multiple Linux Server

[dhuynh]

Hi,

I've been searching around the web for help and have been really pulling my hair on this one. Any hint or help would be greatly appreciated!

I have a Windows 2003 Server w/ AD on it.
I have two linux machine, both running the same version of RHEL 5 (compute-1, compute-4)

When I log into compute-1, and do an "id dhuynh", I get this:

uid=1501(dhuynh) gid=1500(domain users) groups=1500(domain users),2013(dusers),1501(certsvc_dcom_access),1507 (BUILTIN+users)

When I log into compute-4, do do the same command, I get this:

uid=1500(dhuynh) gid=1504(domain users) groups=1504(domain users),1505(certsvc_dcom_access),1501(BUILTIN+user s)

Notice that the uid and gid are different. How do I get them to be the same?
This is affective the file permissions in certain shared directories.

I've check /etc/samba/smb.conf and they are identical. I also check /etc/nsswitch.conf and they are identical too.

Help..!! =)

[Rubberman]

I don't think you can since these ID's are assigned by the operating system when the accounts are created. The only way to do so is to install the two systems identically and with the same servics and accounts installed / created in EXACTLY the same order. One easier way is to use something like Clonezilla to create the second server after you have configured the first one exactly as you need. However, on existing systems this may not be possible, at least in a reasonably efficient manner. Good luck, and one final question - why do you need to have the same account and group ID's?

[dhuynh]

There has to be a way. I think I have to set up an openldap server

compute-1 --> doesn't the authentication and store uid/gid in ldap
compute-4 --> uses compute-1's ldap to authenticated.

Does this sound about right to anyone? Gonna have to set up some lab PCs to try this before I do it on the real machines.