Machines joined to the domain without centrify showing different uid/gid

Showing results for 
Search instead for 
Do you mean 
Reply
Participant I
Posts: 1
Registered: ‎10-03-2018
#1 of 2 449

Machines joined to the domain without centrify showing different uid/gid

Hello,

 

we have a bunch of centos machines joined to the domain using sssd / winbind that have been working. one of these hosts is a file server. we decided add the linux desktops, all running ubuntu to the domain and had issues. this is when we found centrify, this worked in adding the machines but the UID and GIDs are different for example

 

two machines pulling down info for a windows group.

 

ubuntu

getent group domain_secure_high
domain_secure_high:x:1308624036:

 

centos

 getent group domain_secure_high
domain_secure_high:*:79801188:

 

this is obviously causing a permission nightmare.. anyway to match these up? i have tried the group.ovr but that seems to only work with local groups? it did nothing for me.

Centrify Guru I
Posts: 2,388
Registered: ‎07-26-2012
#2 of 2 431

Re: Machines joined to the domain without centrify showing different uid/gid

@johnnylee,

 

Welcome to the Centrify forums.

 

This behavior is expected.  The users and groups created and assigned UNIX POSIX information via SSS or Winbind have a different UID/GID numbering convention.

 

The passwd and group overrides (passwd.ovr, group.ovr) are premium features.

 

For identity consolidation, the commercial version will allow you to manipulate UNIX identity with ease using Windows GUI tools, PowerShell or *NIX-based scripting.

 

Note that we provide tools for migration.  See this post by @tchariya that explains these tooling:

https://community.centrify.com/t5/TechBlog/HOWTO-Using-ADFIXID-and-ADRMLOCAL-to-clean-up-the-local-u...

 

R.P

 

 

Want to learn more about practical Centrify examples? Check out my blog at http://centrifying.blogspot.com
Follow Centrify: