Author Topic: gidNumber on Zentyal/DC  (Read 1196 times)

itbungler

  • Zen Apprentice
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
gidNumber on Zentyal/DC
« on: May 22, 2021, 08:57:04 pm »
Hi Folks,

facing the following issue with my Zentyal Server.
My goal is to use a different primary group than 2513 for a AD User in my landscape.
In total I have 3 Domain Controller (2x ARM and 1x x86_64)
On the ARM Hosts everything works as expected, but not on my x86_64, that is my Zentyal Host.
When I call id for "my Test User" i get back the expected group that i maintained in sam.ldb as gidNumber.
sam.ldb get replicated fine, sam.ldb entries are the same on all 3 DCs as expected.
When I do the same on my Zentyal Host  I get back 2513, "Domain Users" and not the one I get on the ARM Hosts.
Example:
On ARM HOST: id myuser -> uid=xxxx(myuser) gid=yyyy(mygroup) groups=yyyy(mygroup),2513(domain users)
On Zentyal HOST: id myuser -> uid=xxxx(myDomain\myuser),gid=2513(myDomain\domain users) groups=2513(myDomain\domain users),yyyy(myDomain\mygroup)

I assume this is related to the authentication, as I use sssd on the ARM Hosts but not on Zentyal Host.
So any Idea what need to be done to bring Zentyalhost to give back the gidNumber instead of "Domain Users"?
Any feedback welcome, beside install sssd on Zentyal Host, what I want to avoid  ;D

BR
ITBungler