How can I configure winbind to synchronize user and group IDs for Active Directory accounts across multiple Red Hat Enterprise Linux hosts?


Issue

When using winbind for Active Directory (AD) integration, user and group IDs are assigned sequentially on each machine based on user access. As a result, UIDs and GIDs are not synchronized between servers.

One alternative is to use LDAP as the idmap backend; however, the benefit of the rid idmap backend is that it does not require any additional network servers or services to be configured.

The limitation, on the other hand, is that it can only be used in single-domain environments and is not compatible with trusted domain implementations.
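
The difference described above, as an added illustration that is not part of the original article: a constructed Python model in which two hosts allocate IDs sequentially in order of first access, next to the algorithmic mapping documented for idmap_rid (ID = RID - BASE_RID + LOW_RANGE_ID). The range 10000-19999, the SIDs and all function and class names are assumptions made for the example.

```python
"""Constructed model: sequential per-host ID allocation vs. the idmap_rid formula."""

LOW, HIGH = 10000, 19999   # assumed idmap range, configured identically on every host
BASE_RID = 0               # idmap_rid default for base_rid

# Constructed SIDs for a single AD domain (the domain part is a placeholder).
DOMAIN_SID = "S-1-5-21-1111111111-2222222222-3333333333"
ALICE, BOB, CAROL = (f"{DOMAIN_SID}-{rid}" for rid in (1104, 1105, 1250))


class SequentialAllocator:
    """Per-host, first-come-first-served allocation: the ID depends on access order."""

    def __init__(self, low=LOW, high=HIGH):
        self.next_id, self.high, self.table = low, high, {}

    def map(self, sid):
        if sid not in self.table:
            if self.next_id > self.high:
                raise RuntimeError("idmap range exhausted")
            self.table[sid] = self.next_id
            self.next_id += 1
        return self.table[sid]


def rid_map(sid, low=LOW, high=HIGH, base_rid=BASE_RID):
    """ID = RID - BASE_RID + LOW_RANGE_ID; None when the result leaves the range."""
    rid = int(sid.rsplit("-", 1)[1])
    unix_id = rid - base_rid + low
    return unix_id if rid >= base_rid and low <= unix_id <= high else None


def sequential_ids(order_a, order_b):
    """Return {sid: (id_on_host_a, id_on_host_b)} for two hosts' first-access orders."""
    host_a, host_b = SequentialAllocator(), SequentialAllocator()
    for sid in order_a:
        host_a.map(sid)
    for sid in order_b:
        host_b.map(sid)
    return {s: (host_a.table[s], host_b.table[s]) for s in set(order_a) & set(order_b)}


if __name__ == "__main__":
    for sid, (a, b) in sorted(sequential_ids([ALICE, BOB, CAROL],
                                             [CAROL, ALICE, BOB]).items()):
        # rid_map keeps no per-host state, so every host computes the same value.
        print(f"RID {sid.rsplit('-', 1)[1]}: hostA={a} hostB={b} rid={rid_map(sid)}")
```

With a mismatch like the one in the sequential columns, a file owned by one user on shared storage appears owned by a different user on the second host. An RID that maps outside the configured range gets no ID at all, so the range has to cover the domain's RIDs.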

Environment

Red Hat Enterprise Linux (RHEL) 4
Red Hat Enterprise Linux (RHEL) 5
Red Hat Enterprise Linux (RHEL) 6
