This cheat sheet shows how to map a Samba4 user to their corresponding UNIX UID.
[user@thesystem ~]$ id dorkus uid=2013(dorkus) gid=1005(dorkus) groups=1005(dorkus) [user@thesystem ~]$
root@thesystem:~ # samba-tool user add dorkus New Password: Retype Password: User 'dorkus' created successfully root@thesystem:~ #
root@nas-1:~ # wbinfo --name-to-sid dorkus S-1-5-21-1002881701-2601196197-2352697156-3105 SID_USER (1) root@nas-1:~ # wbinfo --sid-to-uid S-1-5-21-1002881701-2601196197-2352697156-3105 3000018 root@nas-1:~ #
root@thesystem:~ # find /var | grep idmap.ldb /var/db/samba4/private/idmap.ldb root@thesystem:~ #
root@thesystem:~ # ldbedit -e vi -H /var/db/samba4/private/idmap.ldb objectsid=S-1-5-21-1002881701-2601196197-2352697156-3105
# editing 1 records # record 1 dn: CN=S-1-5-21-1002881701-2601196197-2352697156-3105 cn: S-1-5-21-1002881701-2601196197-2352697156-3105 objectClass: sidMap objectSid: S-1-5-21-1002881701-2601196197-2352697156-3105 type: ID_TYPE_BOTH xidNumber: 3000018 distinguishedName: CN=S-1-5-21-1002881701-2601196197-2352697156-3105
# editing 1 records # record 1 dn: CN=S-1-5-21-1002881701-2601196197-2352697156-3105 cn: S-1-5-21-1002881701-2601196197-2352697156-3105 objectClass: sidMap objectSid: S-1-5-21-1002881701-2601196197-2352697156-3105 type: ID_TYPE_BOTH xidNumber: 2013 distinguishedName: CN=S-1-5-21-1002881701-2601196197-2352697156-3105
root@thesystem:~ # wbinfo --sid-to-uid S-1-5-21-1002881701-2601196197-2352697156-3105 2013 root@thesystem:~ #
You should be able to consistenly access files from a samba share that is also a NFS export or a local fileystem on a UNIX-like OS without having to constantly adjust owners or use world readable and writable file persmissions.